Техническая информация
- %TEMP%\ptxexpjh.js
- %TEMP%\8797.121779847486.exe
- %TEMP%\50916.49819745384.exe
- %TEMP%\57464.228336300854.exe
- 're####nathome.com':80
- http://su####ght.com.sg/aIlOtz
- http://co###nte.com.sg/QAN1G8
- http://gg##ngs.com/tYzA6X
- http://pr#####edosanjos.com.br/BLl1X4
- http://sw####fashion.com/StGjaJ
- http://go###ntwigs.com/hM5szn
- http://ar####nwankwo.com/J5wTv8
- http://gl###xx24.com/flYi3s
- http://bu####online.com/UsCgGj
- http://ko###gmem.net/bTt1eI
- http://ga####stickshop.com/BRYyEQ
- DNS ASK su####ght.com.sg
- DNS ASK ni###print.com
- DNS ASK ec##ers.com
- DNS ASK ko###gmem.net
- DNS ASK la####porthome.com
- DNS ASK po####oals.co.uk
- DNS ASK bu####online.com
- DNS ASK gl###xx24.com
- DNS ASK ki###ea888.net
- DNS ASK pr####typrobe.com
- DNS ASK ar####nwankwo.com
- DNS ASK yu####jewels.com
- DNS ASK go###ntwigs.com
- DNS ASK on####eprint.com
- DNS ASK sw####fashion.com
- DNS ASK ra####suit.com.au
- DNS ASK pr#####edosanjos.com.br
- DNS ASK gg##ngs.com
- DNS ASK co###nte.com.sg
- DNS ASK ka##n.com
- DNS ASK ga####stickshop.com
- DNS ASK re####nathome.com
- '<SYSTEM32>\wscript.exe' %TEMP%\PTxEXpJH.js