Technical information
- [<HKLM>\System\CurrentControlSet\Services\Controls Counter WinHTTP IP Experience Input] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Controls Counter WinHTTP IP Experience Input] 'ImagePath' = 'C:\c8zv3plicudn\xgpxagh5ynrzi.exe'
- 'C:\c8zv3plicudn\laftbvftmyzpkrz1ta9q6s.exe'
- 'C:\c8zv3plicudn\xgpxagh5ynrzi.exe'
- 'C:\c8zv3plicudn\rrmcsyc.exe' "c:\c8zv3plicudn\xgpxagh5ynrzi.exe"