Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'DUDISHPR' = '%HOMEPATH%\MELLEMLED\CRUPP.vbs'
- crupp.exe
- %HOMEPATH%\mellemled\crupp.exe
- %HOMEPATH%\mellemled\crupp.vbs
- 'ty###gvbxc.ru':6974
- 'drive.google.com':443
- 'do#########ocs.googleusercontent.com':443
- DNS ASK drive.google.com
- DNS ASK do#########ocs.googleusercontent.com
- DNS ASK ty###gvbxc.ru
- '%HOMEPATH%\mellemled\crupp.exe'