Техническая информация
- %WINDIR%\tasks\contentdealer.job (файл задания Планировщика задач Windows)
- [<HKLM>\System\CurrentControlSet\Services\Dreary Herd] 'Start' = '00000002' (значение 2 — служба запускается автоматически при загрузке системы)
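- [<HKLM>\System\CurrentControlSet\Services\Dreary Herd] 'ImagePath' = '%APPDATA%\Dreary Herd\Dreary Herd.exe' (исполняемый файл службы расположен в профиле пользователя, что нетипично для легитимных служб Windows)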
- %APPDATA%\dreary herd\dreary herd.exe
- %ALLUSERSPROFILE%\application data\{d6caed64-b838-78b8-d6ca-aed64b83b592}\<Имя файла>.exe
- %ALLUSERSPROFILE%\application data\{d6caed64-b838-78b8-d6ca-aed64b83b592}\<Имя файла>.dat
- %APPDATA%\dreary herd\juy.dat
- DNS ASK fu###et.info (DNS-запрос; здесь и ниже символы #, по-видимому, скрывают часть доменного имени)
- DNS ASK al####el-pro.com
- DNS ASK fu###set.link
- DNS ASK mo###odel.biz
- '%APPDATA%\dreary herd\dreary herd.exe'