Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '99FFF6AB' = '%APPDATA%\99FFF6AB\bin.exe'
- <SYSTEM32>\taskhost.exe
- iexplore.exe
- Процесс iexplore.exe, модуль wininet.dll
- Процесс firefox.exe, модуль nss3.dll
- %HOMEPATH%\desktop\issi2013_template_for_posters.docx
- %HOMEPATH%\desktop\adhd_and_obesity.docx
- %APPDATA%\99fff6ab\bin.exe
- 'cb####testing.com':80
- http://cb####testing.com/cbunah/
- DNS ASK google.com
- DNS ASK cb####testing.com
- '%WINDIR%\syswow64\winver.exe'