Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Run' = '%TEMP%\clameh\htregns.exe'
- ieinstal.exe
- %TEMP%\clameh\htregns.exe
- %APPDATA%\des\logs.dat
- %APPDATA%\des\logs.dat
- 'wa.###aragon.org':4404
- 'ba#.##maragon.org':4404
- 'drive.google.com':443
- 'do#########ocs.googleusercontent.com':443
- DNS ASK drive.google.com
- DNS ASK do#########ocs.googleusercontent.com
- DNS ASK wa.###aragon.org
- DNS ASK ba#.##maragon.org
- '%ProgramFiles(x86)%\internet explorer\ieinstal.exe'