Техническая информация
- %TEMP%\nsk18f.tmp\system.dll
- %TEMP%\nsk18f.tmp\lzma.exe
- %TEMP%\nsk18f.tmp\infotext.dat
- %TEMP%\nsk18f.tmp\launkeys.dat
- %TEMP%\nsk18f.tmp\dcryptdll.dll
- %TEMP%\nsk18f.tmp\inst.dat
- %TEMP%\nsk18f.tmp\nsexec.dll
- %TEMP%\nsa1a0.tmp\launcher.exe
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020062220200623\index.dat
- %TEMP%\nsk18f.tmp\infotext.dat
- %TEMP%\nsa1a0.tmp\launcher.exe в %TEMP%\nsa1a0.tmp\<Имя файла>.exe
- http://tr######.brownswitch.com/webinst/links/fallback.gif?ms############################################################
- http://st####.hugedomains.com/images/logo_huge_domains.gif
- http://oc##.#tartssl.com/sub/class2/code/ca/MEMwQTA%2FMD0wOzAJBgUrDgMCGgUABBQSOgrhRCSnWfKxoWTjWxhk8hga9AQU0E4PQJlsuEsZbzsouODjiAc0qrcCAhAV
- http://tr######.brownswitch.com/webinst/links
- DNS ASK tr######.brownswitch.com
- DNS ASK hu###omains.com
- DNS ASK st####.hugedomains.com
- DNS ASK oc##.#tartssl.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%TEMP%\nsk18f.tmp\lzma.exe' "d" "%TEMP%\nsk18F.tmp\inst.dat" "%TEMP%\nsa1A0.tmp\Launcher.exe"
- '%TEMP%\nsa1a0.tmp\<Имя файла>.exe'
- '%TEMP%\nsk18f.tmp\lzma.exe' "d" "%TEMP%\nsk18F.tmp\inst.dat" "%TEMP%\nsa1A0.tmp\Launcher.exe"' (со скрытым окном)