Техническая информация
- <SYSTEM32>\tasks\microsoft\windows\mui\l
- %APPDATA%\microsoft\launcher.exe
- %TEMP%\6aff.tmp.exe
- %WINDIR%\tasks\adobe flash player updater.job
- <SYSTEM32>\tasks\adobe flash player updater
- <SYSTEM32>\tasks\opera scheduled autoupdate 1432206110
- http://ho##as4.cf/click.php?cn#####################
- http://ip##pi.com/xml
- http://ho##pp2.cf/20190118/things.xml
- http://go#####analytics.com/collect
- DNS ASK ho##as4.cf
- DNS ASK ip##pi.com
- DNS ASK go#####analytics.com
- DNS ASK ho##pp2.cf
- DNS ASK li#####.##-us-west-2.amazonaws.com
- '%TEMP%\6aff.tmp.exe'