Technical information
- '<SYSTEM32>\rundll32.exe' %PROGRAMDATA%\BysKIez.dll,DllRegisterServer
- %WINDIR%\syswow64\msiexec.exe
- %PROGRAMDATA%\byskiez.dll
- %APPDATA%\dexiul\zaofefz.dll
- http://wm######xxbcxmucxmlc.com/files/april24.dll
- http://wm######xxbcxmucxmlc.com/post.php
- http://on######qrwbvdfoqnof.com/post.php
- DNS ASK wm######xxbcxmucxmlc.com
- DNS ASK on######qrwbvdfoqnof.com
- DNS ASK cm######ldiigqghlryq.com
- '<SYSTEM32>\rundll32.exe' %PROGRAMDATA%\BysKIez.dll,DllRegisterServer' (with hidden window)
- '%WINDIR%\syswow64\msiexec.exe'