Technical Information
- ClassName: 'OLLYDBG', WindowName: ''
- %APPDATA%\microsoft\windows\templates\mdsa\microsoftcompanion\surv(.exe)\55.12.51.21\xsandbox.bin.__tmp__
- %TEMP%\spoon\cache\0x613ccd8e4c74fcad\sxs\manifests\mdsa.exe_0xb3375896a536fb0e8bf1c4f30807b054.1.manifest.__tmp__
- %TEMP%\spoon\cache\0x613ccd8e4c74fcad\sxs\mdsa.exe\mdsa.exe.manifest.__tmp__
- %APPDATA%\systemshot\02-10-2020
- %APPDATA%\microsoft\windows\templates\mdsa\microsoftcompanion\surv(.exe)\55.12.51.21\xsandbox.bin.__tmp__ to %APPDATA%\microsoft\windows\templates\mdsa\microsoftcompanion\surv(.exe)\55.12.51.21\xsandbox.bin
- %TEMP%\spoon\cache\0x613ccd8e4c74fcad\sxs\manifests\mdsa.exe_0xb3375896a536fb0e8bf1c4f30807b054.1.manifest.__tmp__ to %TEMP%\spoon\cache\0x613ccd8e4c74fcad\sxs\manifests\mdsa.exe_0xb3375896a536fb0e8bf1c4f30807b054.1.manifest
- %TEMP%\spoon\cache\0x613ccd8e4c74fcad\sxs\mdsa.exe\mdsa.exe.manifest.__tmp__ to %TEMP%\spoon\cache\0x613ccd8e4c74fcad\sxs\mdsa.exe\mdsa.exe.manifest
- '18#.#03.240.187':4782
- http://ip##pi.com/json/
- DNS ASK ip##pi.com