Technical information
- <SYSTEM32>\tasks\microsoft\windows\mui\l
- %APPDATA%\microsoft\launcher.exe
- <LS_APPDATA>\microsoft\windows\<INETFILES>\content.ie5\re1n75kr\xml[1].xml
- <LS_APPDATA>\microsoft\windows\<INETFILES>\content.ie5\0u8lpyu9\things[1].xml
- <LS_APPDATA>\microsoft\windows\<INETFILES>\content.ie5\caasbycl\4c384435-9e82-4011-acf3-78489bb98229[1].exe
- %TEMP%\debe.tmp.exe
- <SYSTEM32>\tasks\adobe acrobat update task
- %WINDIR%\tasks\adobe flash player updater.job
- <SYSTEM32>\tasks\adobe flash player updater
- http://ho##as5.ml/click.php?cn#####################
- http://ip##pi.com/xml
- http://ho##pp2.ga/20190118/things.xml
- http://www.ho##pp2.ga/20190118/4C384435-9E82-4011-ACF3-78489BB98229.exe
- http://go#####analytics.com/collect
- DNS ASK ho##as5.ml
- DNS ASK ip##pi.com
- DNS ASK go#####analytics.com
- DNS ASK ho##pp2.ga
- '%TEMP%\debe.tmp.exe'