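Техническая информация (символы «#» в именах доменов, по-видимому, скрывают часть имени; в таком виде записи не годятся для точного сопоставления)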
- '<SYSTEM32>\rundll32.exe' -sl ttpkp.dll
- <SYSTEM32>\cscript.exe
- %TEMP%\oca.hfe
- %ALLUSERSPROFILE%\xis\easll.emi
- 'rk###wpek.in':80
- 'ny##dnxb.in':80
- 'yx##doq.in':80
- 'bo###heep.net':80
- 'po###ohcdeq.in':80
- 'it###dqfp.in':80
- 'pk###vvgr.com':80
- 'iz##u.pw':80
- 'zk###bvj.net':80
- 'bs##gne.in':80
- DNS ASK yx##doq.in
- DNS ASK rk###wpek.in
- DNS ASK ny##dnxb.in
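- DNS ASK microsoft.com (легитимный домен; вероятно, проверка доступности сети — сам по себе не является индикатором компрометации)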
- DNS ASK bo###heep.net
- DNS ASK po###ohcdeq.in
- DNS ASK it###dqfp.in
- DNS ASK pk###vvgr.com
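- DNS ASK google.com (легитимный домен; вероятно, проверка доступности сети — сам по себе не является индикатором компрометации)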
- DNS ASK zk###bvj.net
- DNS ASK bs##gne.in
- DNS ASK iz##u.pw
- ClassName: 'Shell_TrayWnd' WindowName: ''