Technical information
- <SYSTEM32>\ddraw.dll with the file <SYSTEM32>\ddraw.dll
- <SYSTEM32>\ddraw.dll
- <SYSTEM32>\ddraw.dll.new
- <SYSTEM32>\dllcache\ddraw.dll.new
- <SYSTEM32>\ddraw.dll to <SYSTEM32>\ori.dll
- <SYSTEM32>\dllcache\ddraw.dll.new
- 'fs###iles.ga':80
- http://fs###iles.ga/dee1ebcd105d3d47adf43aba6fd674e80d1dc35f/data-expired.php?e=####################
- http://fs###iles.ga/dee1ebcd105d3d47adf43aba6fd674e80d1dc35f/data-exp.php?e=####################
- http://fs###iles.ga/Resource/PBID/FscFiles.dll
- DNS ASK fs###iles.ga
- '<SYSTEM32>\cmd.exe' /c color 0a
- '<SYSTEM32>\cmd.exe' /C takeown /f <SYSTEM32>\ddraw.dll
- '<SYSTEM32>\cmd.exe' /C icacls <SYSTEM32>\ddraw.dll /grant Administrators:F /T