Техническая информация
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe'
- '<SYSTEM32>\cmd.exe' /C move /y "%TEMP%\nothing.lnk" "%HOMEPATH%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\utorrent.lnk"
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
- C:\84-2031112502-12-5-1-S\S-1-5-21-2052111302-48.exe
- %TEMP%\nothing.lnk
- 'ap#.#pify.org':80
- '18#.#63.125.252':4782
- 'ip##pi.com':80
- 'fr###eoip.net':80
- http://ap#.#pify.org/
- http://fr###eoip.net/xml/
- http://ip##pi.com/json/
- DNS ASK ap#.#pify.org
- DNS ASK fr###eoip.net
- DNS ASK ip##pi.com