Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'KRNVANDAF' = '%TEMP%\Pila2\fictioniz.vbs'
- fictioniz.exe
- %TEMP%\pila2\fictioniz.exe
- %TEMP%\pila2\fictioniz.vbs
- %APPDATA%\remcos\logs.dat
- 'as#####11111.ddns.net':2475
- 'ma#####1.duckdns.org':2475
- 'ma#####1.theworkpc.com':2475
- '18#.#44.30.36':2475
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK on####ve.live.com
- DNS ASK microsoft.com
- DNS ASK ti####.#m.files.1drv.com
- DNS ASK as#####11111.ddns.net
- DNS ASK ma#####1.duckdns.org
- DNS ASK ma#####1.theworkpc.com
- '%TEMP%\pila2\fictioniz.exe'