Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\i0bci7vyo8ffh6rms9i.lnk
- %LOCALAPPDATA%\wiatrace.log
- %LOCALAPPDATA%\mgz1mknf8bj841lqaaow\n6lr3zojz3uuas55uzbpddokoxabvhbp40.wsf
- %APPDATA%\ngbpvnnwklmd.zip
- %APPDATA%\zjfne7~1\irltqlvxrmyksvmfdpyswom.db
- %APPDATA%\zjfne7~1\rwfwjstiexnromackfsyatpzd.db
- %APPDATA%\zjfne7~1\irltqlvxrmyksvmfdpyswom.exe
- %LOCALAPPDATA%\mgz1mknf8bj841lqaaow\n6lr3zojz3uuas55uzbpddokoxabvhbp40.wsf
- %APPDATA%\ngbpvnnwklmd.zip
- http://19#.#92.22.92/Ktfvzvolnpzu/Ucyntmovqkghkuit/Lnlpndabx/Cawwlwwuohvuwrk/Ngbpvnnwklmd.db
- '<SYSTEM32>\wscript.exe' "%LOCALAPPDATA%\mgZ1Mknf8BJ841LqaAOw\n6Lr3ZoJz3uuAs55uZbPDdokOXABVHBp40.wsf"