Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\bit2bd2.tmp
- %WINDIR%\tasks\reboot.job
- <SYSTEM32>\tasks\reboot
- %WINDIR%\syswow64\mstsc.exe
- %WINDIR%\syswow64\cmd.exe
- %TEMP%\25e93daf.png
- %APPDATA%\adobe\flash player\assetcache\bit2316.tmp
- %TEMP%\17212d56.lnk
- %APPDATA%\adobe\flash player\assetcache\bit2316.tmp
- %APPDATA%\microsoft\windows\start menu\programs\startup\bit2bd2.tmp
- %APPDATA%\adobe\flash player\assetcache\bit2316.tmp в %APPDATA%\adobe\flash player\assetcache\reboot.exe
- 'i.##gur.com':443
- 're####ngclause.com':2019
- DNS ASK i.##gur.com
- DNS ASK re####ngclause.com
- '%WINDIR%\syswow64\mstsc.exe'
- '%WINDIR%\syswow64\cmd.exe'