Техническая информация
- %TEMP%\u932ahwto54eeqq
- %TEMP%\u932ahwto54eeqq.dll
- http://th####ongroup.com/hv2klu43
- http://www.dr###nnoir.net/bmy053n
- http://sh####property.com/hypvx
- DNS ASK th####ongroup.com
- DNS ASK dr###nnoir.net
- DNS ASK sh####property.com
- '<SYSTEM32>\rundll32.exe' %TEMP%\U932AH~1.DLL,qwerty 323