Техническая информация
- %TEMP%\_BD2_2_28_2018 10_03_52 PM_EndBD2_.txt
- %TEMP%\temp.cmd
- <SYSTEM32>\logo.exe
- <SYSTEM32>\logo.exe
- %TEMP%\temp.cmd
- 'ch####p.dyndns.org':80
- 'wp#d':80
- http://ch####p.dyndns.org/
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK ch####p.dyndns.org
- DNS ASK wp#d
- '<SYSTEM32>\logo.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\temp.cmd""