Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Startup key' = '%HOMEPATH%\subfolder1\filename1.exe'
- ieinstal.exe
- %HOMEPATH%\subfolder1\filename1.exe
- %APPDATA%\onedrive\logs.dat
- http://oc##.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D
- DNS ASK sh###.dmca.gripe
- DNS ASK oc##.thawte.com
- '%ProgramFiles(x86)%\internet explorer\ieinstal.exe'