Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'gu811iE93eWt1I3U' = '%APPDATA%\No6J22Dz8b0kEJgb\k26JoB8JxRfF.exe'
- %APPDATA%\Imminent\Logs\18-04-2017
- %APPDATA%\No6J22Dz8b0kEJgb\k26JoB8JxRfF.exe
- %APPDATA%\No6J22Dz8b0kEJgb\k26JoB8JxRfF.exe
- 'bl##.#logsyte.com':5002
- DNS ASK bl##.#logsyte.com