Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'scrss' = '%APPDATA%\dotNET.lnk'
- %APPDATA%\microsoft\windows\start menu\programs\startup\dotnet.lnk
- %APPDATA%\idle.exe
- %APPDATA%\dotnet.lnk
- http://i.##gur.com/4wuH1Y7.png
- http://ge#####sbeach.mcdir.ru/68ruw4vq1k7ybkqerz4ju7xute26tq3kpgd153o9tmqdws1l0pnuhv4cp4mm5abzlti/p3h2ivtg942o48k86o5aa7u2psnv66udx/4aa81b50589a313b3980a5e84b7cbc92988d5e8a.php?da#########
- http://ge#####sbeach.mcdir.ru/68ruw4vq1k7ybkqerz4ju7xute26tq3kpgd153o9tmqdws1l0pnuhv4cp4mm5abzlti/p3h2ivtg942o48k86o5aa7u2psnv66udx/qeg2cvm7asnigw41ickd3q1msjjpleq54nf0v6h08gbhgxlu5up5r2j3jar6j...
- http://ip##fo.io/ip
- DNS ASK i.##gur.com
- DNS ASK ge#####sbeach.mcdir.ru
- DNS ASK ip##fo.io
- '%APPDATA%\idle.exe'