Техническая информация
- %TEMP%\nsz5f3e.tmp\userinfo.dll
- %TEMP%\nsz5f3e.tmp\ip.dll
- %TEMP%\nsq625c.tmp
- %TEMP%\nsz5f3e.tmp\nsexec.dll
- %TEMP%\nsz5f3e.tmp\inetc.dll
- %TEMP%\nsz5f3e.tmp\net.tmp
- <DRIVERS>\etc\hosts
- %TEMP%\nsq625c.tmp
- %TEMP%\nsz5f3e.tmp\inetc.dll
- %TEMP%\nsz5f3e.tmp\ip.dll
- %TEMP%\nsz5f3e.tmp\net.tmp
- %TEMP%\nsz5f3e.tmp\nsexec.dll
- %TEMP%\nsz5f3e.tmp\userinfo.dll
- http://ne##.###htenvironment.com/passport.php?em####################################################################
- DNS ASK ne##.###htenvironment.com
- DNS ASK google.com
- DNS ASK microsoft.com
- DNS ASK wi###edia.org
- '%WINDIR%\syswow64\cmd.exe' /c "<SYSTEM32>\ipconfig /flushdns"' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c "<SYSTEM32>\ipconfig /flushdns"
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns