Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'bcb61eead' = '%APPDATA%\bcb61eead\bcb61eea.exe'
- %WINDIR%\syswow64\svchost.exe
- %APPDATA%\bcb61eead\bcb61eea.exe
- DNS ASK cl###odez.org
- DNS ASK va####lboards.com
- DNS ASK us####iledriver.com
- DNS ASK vo###ch.com.au
- '%WINDIR%\syswow64\svchost.exe'