Техническая информация
- '<SYSTEM32>\cscript.exe' /NoLogo C:\Users\Public\l9pnyFSEmjNr\dixFfyiM9aHoy.vbs
- '<SYSTEM32>\regsvr32.exe' /si C:\Users\Public\l9pnyFSEmjNr\ubpVd14QPwgFw1.dll
- C:\users\public\l9pnyfsemjnr\dixffyim9ahoy.vbs
- C:\users\public\l9pnyfsemjnr\ubpvd14qpwgfw1.dll
- C:\users\public\l9pnyfsemjnr\dixffyim9ahoy.vbs
- http://lo####ielajsd.xyz/campo/123
- DNS ASK lo####ielajsd.xyz
- DNS ASK ya##o.com