Техническая информация
- %TEMP%\~nsua.tmp\un_a.exe
- %TEMP%\nsm5037.tmp\userinfo.dll
- %TEMP%\nsm5037.tmp\ip.dll
- %TEMP%\nst5317.tmp
- %TEMP%\nsm5037.tmp\nsexec.dll
- %TEMP%\nsm5037.tmp\inetc.dll
- %TEMP%\nsm5037.tmp\net.tmp
- <DRIVERS>\etc\hosts
- %TEMP%\nst5317.tmp
- 'google.com':443
- 'microsoft.com':443
- 'wi###edia.org':443
- DNS ASK ne##.###htenvironment.com
- DNS ASK google.com
- DNS ASK microsoft.com
- DNS ASK wi###edia.org
- ClassName: '#32770' WindowName: ''
- '%TEMP%\~nsua.tmp\un_a.exe' _?=<Текущая директория>\
- '%WINDIR%\syswow64\cmd.exe' /c "<SYSTEM32>\ipconfig /flushdns"' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c "<SYSTEM32>\ipconfig /flushdns"
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns