Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Sacrame' = '%HOMEPATH%\Stadigh9\Internal8.vbs'
- internal8.exe
- %HOMEPATH%\stadigh9\internal8.exe
- %HOMEPATH%\stadigh9\internal8.vbs
- 'vd####9wogzzu.info':4405
- 'xv#####1skbs0bo.info':4405
- http://vd####9wogzzu.info/us11.bin
- DNS ASK vd####9wogzzu.info
- DNS ASK xv#####1skbs0bo.info
- DNS ASK jq####y7489jkmb.ru
- DNS ASK ct####n17qjpwv4.ru
- DNS ASK wv#####jspasvvi.info
- DNS ASK 5b####9ipmxb0qq.ru
- DNS ASK n8#####2bkdpfd7.info
- '%HOMEPATH%\stadigh9\internal8.exe'