Техническая информация
- $url.tostring(
- C:\drivers\losters.cmd
- C:\drivers\lomurs.exe
- C:\drivers\lomurs.exe
- C:\drivers\losters.cmd
- C:\drivers\lomurs.exe
- http://ta###tinua.com/apawn/55555555.png
- http://ta###tinua.com/cgi-sys/suspendedpage.cgi
- http://de###nbene.de/wpfsjfcrp/55555555.png
- http://ac####tshop.com.br/arnphkv/55555555.png
- http://www.co#####asalvatore.com/bolcv/55555555.png
- http://lo#####poemente.com.br/beuefuqpd/55555555.png
- http://su###zkhabar.ir/fhrhowc/55555555.png
- http://hi######obookkeeping.com/yowyvoux/55555555.png
- http://hi######obookkeeping.com/cgi-sys/suspendedpage.cgi
- http://ev##t.ee/imjzrilmu/55555555.png
- http://ev##t.ee/index.php?er####################
- http://an####ighschool.com/lipun/55555555.png
- http://www.se####entispada.it/odisaehjgg/55555555.png
- http://pa###eilumi.it/kupmmngtbbn/55555555.png
- http://www.cr#####ostruzioni.it/jnatzwzp/55555555.png
- http://em###torgame.ir/ocdxvkhvmtjx/55555555.png
- DNS ASK ta###tinua.com
- DNS ASK de###nbene.de
- DNS ASK pa####offering.nl
- DNS ASK ac####tshop.com.br
- DNS ASK co#####asalvatore.com
- DNS ASK lo#####poemente.com.br
- DNS ASK su###zkhabar.ir
- DNS ASK hi######obookkeeping.com
- DNS ASK ev##t.ee
- DNS ASK an####ighschool.com
- DNS ASK se####entispada.it
- DNS ASK pa###eilumi.it
- DNS ASK cr#####ostruzioni.it
- DNS ASK em###torgame.ir
- '<SYSTEM32>\cmd.exe' /c ""C:\Drivers\Losters.cmd" "' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c ""C:\Drivers\Losters.cmd" "
- '<SYSTEM32>\timeout.exe' /T 10