Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'brute' = '%PROGRAMDATA%\ebaybrute\brute.exe'
- brute.exe
- %TEMP%\file.exe
- %TEMP%\svhost.exe
- %PROGRAMDATA%\ebaybrute\brute.exe
- %PROGRAMDATA%\ebaybrute\brute.exe
- %TEMP%\svhost.exe
- %TEMP%\svhost.exe
- 'hf####er.ddns.net':1738
- DNS ASK hf####er.ddns.net
- '%TEMP%\file.exe'
- '%PROGRAMDATA%\ebaybrute\brute.exe'