Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'guavawhippersna' = '%TEMP%\BEVIDSTH\Stubbingagoraer.vbs'
- stubbingagoraer.exe
- %TEMP%\bevidsth\stubbingagoraer.exe
- %TEMP%\bevidsth\stubbingagoraer.vbs
- '19#.5.97.10':2487
- http://37.##.230.180/Host32_gEnNG152.bin
- '%TEMP%\bevidsth\stubbingagoraer.exe'