Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Program' = 'C:\Users\Admin\Desktop\Íîâûé òåêñòîâûé äîêóìåíò (2).vbs /autorun'
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357
- http://oc##.#tartssl.com/sub/class2/code/ca/MEMwQTA%2FMD0wOzAJBgUrDgMCGgUABBQSOgrhRCSnWfKxoWTjWxhk8hga9AQU0E4PQJlsuEsZbzsouODjiAc0qrcCAhAV
- DNS ASK 24##deo.vip
- DNS ASK yo##ube.com
- DNS ASK i.##img.com
- DNS ASK fo###.#oogleapis.com
- DNS ASK fo###.gstatic.com
- DNS ASK accounts.google.com
- DNS ASK r5########nekn76.googlevideo.com
- DNS ASK ss#.#static.com
- DNS ASK s.##img.com
- DNS ASK cd##.rocks
- DNS ASK im#.#4video.vip
- DNS ASK mc.yandex.ru
- DNS ASK oc##.#tartssl.com
- DNS ASK js#####t.newrelic.com
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%ProgramFiles%\internet explorer\iexplore.exe' https://www.24##deo.vip/video/view/1941592
- '%ProgramFiles%\internet explorer\iexplore.exe' https://www.yo##ube.com/watch?v=###########