Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '37D62488E6680F' = '%APPDATA%\0537D62488E6680F\0537D62488E6680F.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '2500' = '00000003'
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js
- %APPDATA%\0537D62488E6680F\0537D62488E6680F.exe
- %TEMP%\0537D62488E6680F
- C:\RECYCLER\S-1-5-21-2052111302-484763869-725345543-1003\desktop.ini
- 'ha###alulus.com':80
- http://ha###alulus.com/client.php?05##############
- DNS ASK ha###alulus.com
- '%APPDATA%\0537D62488E6680F\0537D62488E6680F.exe'