Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\appraiser.url
- %WINDIR%\syswow64\dllhost.exe
- %WINDIR%\syswow64\svchost.exe
- %HOMEPATH%\appraiser\appraiser.vbs
- %HOMEPATH%\appraiser\tswpfwrp.exe
- %APPDATA%\remcos\logs.dat
- %APPDATA%\remcos\logs.dat
- DNS ASK gr#####god.duckdns.org
- '%WINDIR%\syswow64\dllhost.exe'
- '%WINDIR%\syswow64\svchost.exe'