Техническая информация
- %WINDIR%\tasks\hpcustparticipationver_2020120.job
- <SYSTEM32>\tasks\hpcustparticipationver_2020120
- %PROGRAMDATA%\nfkqp.com
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020012020200121\index.dat
- %PROGRAMDATA%\nfkqp.com
- http://21#.#3.52.40/ck.txt
- http://21#.#3.52.20/?t=##########
- http://21#.#3.52.20/css/reset.css
- http://21#.#3.52.20/css/style.css
- http://21#.#3.52.20/img/upbig.gif
- http://js.##ers.51.la/20533691.js
- http://21#.#3.52.20/img/img01.png
- http://ia.#1.la/go1?id###########################################################################################################################################################################...
- http://21#.#3.52.20/img/img02.jpg
- http://21#.#3.52.20/img/img03.jpg
- DNS ASK ac.##1776.com
- DNS ASK js.##ers.51.la
- DNS ASK ia.#1.la
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''