Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'F632DB89C2F54179537338' = '%APPDATA%\F632DB89C2F54179537338\F632DB89C2F54179537338.exe'
- %WINDIR%\syswow64\dllhost.exe
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '2500' = '00000003'
- %TEMP%\f632db89c2f54179537338
- %APPDATA%\f632db89c2f54179537338\f632db89c2f54179537338.exe
- %TEMP%\f632db89c2f5417953733832
- http://m8###hdsiut.is/n9s98asfh/3/f99wwoh.php?F6####################
- DNS ASK m0##dx9.ru
- DNS ASK m8###hdsiut.is
- '%APPDATA%\f632db89c2f54179537338\f632db89c2f54179537338.exe'
- '%WINDIR%\syswow64\dllhost.exe'