Техническая информация
- %WINDIR%\explorer.exe
- 'tu####hillip.com':80
- 'ra####angoods.com':80
- 'ol####rescigno.com':80
- 'su###actory.net':80
- 'tv##u.com':80
- DNS ASK tu####hillip.com
- DNS ASK ra####angoods.com
- DNS ASK ol####rescigno.com
- DNS ASK su###actory.net
- DNS ASK tv##u.com
- DNS ASK in####ctbands.com
- '%WINDIR%\syswow64\svchost.exe'
- '%WINDIR%\syswow64\ipconfig.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%WINDIR%\SysWow64\svchost.exe"