Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8dd3bf69-29fa-eba1-99a7-6d81d9eb16a1}]
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-2052111302-484763869-725345543-1003\dbb79f896a9241ae305cf575d82c783c_23ef5514-3059-436f-a4a7-4cefaab20eb1
- <SYSTEM32>\FB-H6e--HKL.exe
- %APPDATA%\Microsoft\Protect\CREDHIST
- %TEMP%\nsa2.tmp
- <SYSTEM32>\13-X-Z_vYt7n.dll
- 'a.###direct.com':80
- http://a.###direct.com/sfEp/setup.asp?re####
- DNS ASK a.###direct.com