Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '73GV4Rs' = '%APPDATA%\BMLLs3ki5\9yaKbQB9C.exe %APPDATA%\BMLLs3ki5\VtraWi519 %APPDATA%\BMLLs3ki5\tP0tp9wph'
- %APPDATA%\Microsoft\Windows\DudaDreams.log
- %APPDATA%\BMLLs3ki5\9Y1b98yu3.zip
- 'ma#####celula.com.br':80
- http://ma#####celula.com.br/lcqoeoqtcp.png
- DNS ASK ma#####celula.com.br