Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\WinUrl.url
- %ALLUSERSPROFILE%\Application Data\{56aeea57-c828-ae3e-b928-0155dcaaffd8}\hostdl.exe
- %ALLUSERSPROFILE%\Application Data\{56aeea57-c828-ae3e-b928-0155dcaaffd8}\hostdl.exe
- 'wp#d':80
- '5.###.231.110':80
- http://11#.#11.111.1/wpad.dat via wp#d
- http://5.###.231.110/supreme/files/toolset.txt
- DNS ASK wp#d
- '<SYSTEM32>\schtasks.exe' /create /tn WinUrl /tr %ALLUSERSPROFILE%\Application Data\{56aeea57-c828-ae3e-b928-0155dcaaffd8}\hostdl.exe /sc minute /F