Техническая информация
- %WINDIR%\Tasks\wwindos.exe
- %HOMEPATH%\Start Menu\Programs\Startup\101.exe
- %PROGRAM_FILES%\xerox\xx0xx.exe
- <SYSTEM32>\spool\soople.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\blob[1]
- 'ge.tt':80
- ge.tt/api/1/files/6OvVfTJ/0/blob?do######
- DNS ASK ge.tt