Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Commons' = '%PROGRAMDATA%\CommonsFiles\write.exe'
- %PROGRAMDATA%\commonsfiles\write.exe
- %PROGRAMDATA%\commonsfiles\propsys.dll
- %PROGRAMDATA%\commonsfiles\vo8dlog.tmp
- %PROGRAMDATA%\commonsfiles\write.exe.config
- %PROGRAMDATA%\commonsfiles\commons
- %TEMP%\tmpfb8d.tmp
- %TEMP%\tmp16e6.tmp
- %TEMP%\tmp3d85.tmp
- %TEMP%\tmpfb8d.tmp в %APPDATA%\commonsdat\rqhvldlw.nd4.sif
- %TEMP%\tmp16e6.tmp в %APPDATA%\commonsdat\ovbqizwi.azu.flc
- %TEMP%\tmp3d85.tmp в %APPDATA%\commonsdat\bl0zbqea.wsa.fls
- DNS ASK as##bin.net
- '%PROGRAMDATA%\commonsfiles\write.exe'