Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Flash' = '"%ALLUSERSPROFILE%\Application Data\AdobeCloud\Flash.exe" /update'
- '%ALLUSERSPROFILE%\Application Data\GoogleInc\Update32.exe'
- '%ALLUSERSPROFILE%\Application Data\AdobeCloud\Flash.exe' /update
- %ALLUSERSPROFILE%\Application Data\AdobeCloud\Flash.exe
- %ALLUSERSPROFILE%\Application Data\GoogleInc\config.json
- %ALLUSERSPROFILE%\Application Data\GoogleInc\Update32.exe
- 'xm#####a1.nanopool.org':14444
- '1g####mkqlxez.xyz':80
- http://1g####mkqlxez.xyz/in.php?id#############
- DNS ASK xm#####a1.nanopool.org
- DNS ASK 1g####mkqlxez.xyz