Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'UNDISGU' = '%HOMEPATH%\Supranatu\friersexp.vbs'
- friersexp.exe
- %HOMEPATH%\supranatu\friersexp.exe
- %HOMEPATH%\supranatu\friersexp.vbs
- DNS ASK vd####9wogzzu.info
- '%HOMEPATH%\supranatu\friersexp.exe'