Техническая информация
- %TEMP%\rznoqml37zprsy1
- %TEMP%\rznoqml37zprsy1.dll
- http://www.in#######onesjosearteaga.com/lx9yd
- http://www.sc####ttigarage.com/3ebbu7
- http://tw##.com.br/js4ojo
- DNS ASK in#######onesjosearteaga.com
- DNS ASK sc####ttigarage.com
- DNS ASK tw##.com.br
- '<SYSTEM32>\rundll32.exe' %TEMP%\RZNOQM~1.DLL,qwerty 323