Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WinDriver' = '<Полный путь к файлу>'
- 'wp#d':80
- 'ms#####.#ranus.feralhosting.com':80
- 'ms#####.##taeus.feralhosting.com':80
- '18#.#5.48.68':80
- 'pa###bin.com':80
- '20#.#6.232.182':443
- http://11#.#11.111.1/wpad.dat via wp#d
- http://ms#####.#ranus.feralhosting.com/68fead277b52bdd8f1ca21cddcd3299
- http://ms#####.#ranus.feralhosting.com/217eb54cfc0fe64e8a5d802042506b443
- http://ms#####.##taeus.feralhosting.com/6e628c7bd6d34dc3c2a8ae7d0e5a9b
- http://ms#####.##taeus.feralhosting.com/c3cb5860f0dbf08b28efd5ab25ea95472e
- http://18#.#5.48.68/02ed55faea5d1d2b1490e78da30da107/5fc741325308c0e741e9509ed5d
- http://18#.#5.48.68/02ed55faea5d1d2b1490e78da30da107/fc324f595608bf3e9809c401917f9a6900977
- http://pa###bin.com/raw/h5yBCwpY
- http://pa###bin.com/raw/HNkipzLK
- http://pa###bin.com/raw/qdwMGvDS
- http://pa###bin.com/raw/Vf81BwHn
- http://pa###bin.com/raw/Z3mcNqjz
- http://pa###bin.com/raw/u66uXYRh
- http://ms#####.#ranus.feralhosting.com/ew34a.zip
- http://18#.#5.48.68/02ed55faea5d1d2b1490e78da30da107/ew34a.zip
- http://ms#####.##taeus.feralhosting.com/ew34a.zip
- DNS ASK wp#d
- DNS ASK ms#####.#ranus.feralhosting.com
- DNS ASK ms#####.##taeus.feralhosting.com
- DNS ASK pa###bin.com