Техническая информация
- %TEMP%\qkuwxtbhr.js
- %TEMP%\segrfvd_8418.exe
- %TEMP%\segrfvd_15904.exe
- %TEMP%\segrfvd_70839.exe
- %TEMP%\segrfvd_13864.exe
- %TEMP%\segrfvd_78226.exe
- %TEMP%\segrfvd_83258.exe
- http://kw##b.it/tNTjZ2
- http://pr#####toglass.co.nz/wMcW5Z
- http://ro###arita.com/5NmH3b
- http://al####akhinin.ru/hPBy2R
- http://ak##rd.com/R4yjhg
- http://ad####schubert.pl/7s56K8
- http://ma#####iproperties.com/pQIJGB
- http://kv####vaya-lampa.ru/fC9qZW
- http://no##sys.com/EwX0sO
- http://am##sur.com/sJIEQB
- http://qu#####anieriviste.com/WIKuLk
- http://no#####likejones.com/hati3x
- http://li##ion.net/9cRXIl
- http://ki##off.ru/WNwvki
- http://10###nsult.com/zZVPJj
- http://mc####eyhigh.org/lhAfaC
- http://ha##mee.com/hIPTXx
- http://fm##30.us/BznLrm
- http://ko###rkum.org/Lntxhy
- http://li##roup.ru/vV9c7l
- http://po###loki.ru/nbTURt
- http://po###loki.ru/404
- DNS ASK kw##b.it
- DNS ASK am####-concerts.de
- DNS ASK ro###arita.com
- DNS ASK al####akhinin.ru
- DNS ASK ak##rd.com
- DNS ASK ad####schubert.pl
- DNS ASK ma#####iproperties.com
- DNS ASK kv####vaya-lampa.ru
- DNS ASK mi#######press-randburg.co.za
- DNS ASK no##sys.com
- DNS ASK me##kino.ru
- DNS ASK am##sur.com
- DNS ASK qu#####anieriviste.com
- DNS ASK pr#####toglass.co.nz
- DNS ASK as####station.com
- DNS ASK li##ion.net
- DNS ASK ki##off.ru
- DNS ASK 10###nsult.com
- DNS ASK nw###izel.ru
- DNS ASK mc####eyhigh.org
- DNS ASK ha##mee.com
- DNS ASK fm##30.us
- DNS ASK ko###rkum.org
- DNS ASK be##v24.ru
- DNS ASK oh###-o-d.info
- DNS ASK li##roup.ru
- DNS ASK be######bersindallas.com
- DNS ASK no#####likejones.com
- DNS ASK po###loki.ru
- '<SYSTEM32>\wscript.exe' %TEMP%\qKuWXTbHR.js