Техническая информация
- %TEMP%\hymhqxeucw.js
- %TEMP%\guuqqtn_21439.exe
- 'bm###adag.com':80
- http://as####en.systems/lpQk6P
- http://bo##nz.net/zlsFhm
- http://ba####thingz.com/FBsQtK
- http://ba##edia.pl/BEVwnx
- http://at###tisfood.pl/KFXDB9
- http://bh####afoods.com/AJZWId
- http://as##-ir.com/GRV4hE
- http://be##esi.net/p1U6al
- http://ba###ehype.com/plzg3U
- http://ar####lescope.ru/hZgYLO
- http://bm##inc.com/4Fv7sK
- http://bn##oft.in/g8RvjV
- http://as####vesit.co.uk/Pmi1b6
- DNS ASK as####en.systems
- DNS ASK av#####nelcrafts.com
- DNS ASK bk##.com
- DNS ASK bn##oft.in
- DNS ASK bm##inc.com
- DNS ASK ba####tsmarried.com
- DNS ASK ar####lescope.ru
- DNS ASK ba###ehype.com
- DNS ASK be##esi.net
- DNS ASK as##-ir.com
- DNS ASK bh####afoods.com
- DNS ASK at###tisfood.pl
- DNS ASK ba##edia.pl
- DNS ASK bl##.#obrystolik.pl
- DNS ASK ba####thingz.com
- DNS ASK bo##nz.net
- DNS ASK av###.com.tr
- DNS ASK as###urid.net
- DNS ASK as####vesit.co.uk
- DNS ASK bm###adag.com
- '<SYSTEM32>\wscript.exe' %TEMP%\hyMhqxeUcW.js