Техническая информация
- %WINDIR%\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
- %WINDIR%\Arurya.exe
- %WINDIR%\Arurya.exe
- <SYSTEM32>\PerfStringBackup.TMP
- %WINDIR%\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
- %WINDIR%\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
- 'pl##van.com':80
- 'ba##i.com':80
- 'to###orld.com':80
- pl##van.com/1wave.php
- ba##i.com/1wave.php
- to###orld.com/1wave.php
- DNS ASK to###orld.com
- DNS ASK ba##i.com
- DNS ASK pl##van.com
- DNS ASK go##le.cn
- DNS ASK or##t.com
- '<IP-адрес в локальной сети>':1036