Техническая информация
- %TEMP%\bifytwvy.js
- %TEMP%\atqtvba_11037.exe
- http://kw##b.it/tNTjZ2
- http://pu####afacile.it/JvZ9cX
- http://qu#####anieriviste.com/WIKuLk
- http://li##ion.net/9cRXIl
- http://me####esign.info/o12QeD
- http://ro###arita.com/5NmH3b
- http://pg####unitycab.com/FAlx1b
- http://le######erryconsulting.com/gXTND7
- http://po###loki.ru/nbTURt
- http://po###loki.ru/404
- DNS ASK be######bersindallas.com
- DNS ASK kw##b.it
- DNS ASK pu####afacile.it
- DNS ASK qu#####anieriviste.com
- DNS ASK li##ion.net
- DNS ASK ar####qayler.com
- DNS ASK me####esign.info
- DNS ASK sa###iumspb.ru
- DNS ASK ro###arita.com
- DNS ASK pg####unitycab.com
- DNS ASK le######erryconsulting.com
- DNS ASK po###loki.ru
- '<SYSTEM32>\wscript.exe' %TEMP%\bIFyTwvY.js