Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'NATIONHOODMA' = '%TEMP%\THYMACETINDA\MODERATIO.exe'
- ieinstal.exe
- %TEMP%\thymacetinda\moderatio.exe
- %APPDATA%\loghgs.dat
- %APPDATA%\loghgs.dat
- http://17#.#07.183.52/main/contact_OUWPHyTlXb41.bin
- DNS ASK dd##.#hsthings.xyz
- DNS ASK ne####.duckdns.org
- '%ProgramFiles(x86)%\internet explorer\ieinstal.exe'