Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Erbjbz' = 'C:\Users\Public\Libraries\zbjbrE.url'
- %WINDIR%\syswow64\mshta.exe
- C:\users\public\libraries\temp
- C:\users\public\libraries\erbjbzted.exe
- C:\users\public\libraries\erbjbz
- C:\users\public\libraries\zbjbre.url
- C:\users\public\libraries\temp
- 'on####ve.live.com':443
- 'microsoft.com':80
- 'ty####.#m.files.1drv.com':443
- 'Le####.casacam.net':6655
- 'on####ve.live.com':443
- 'ty####.#m.files.1drv.com':443
- 'Le####.casacam.net':6655
- DNS ASK on####ve.live.com
- DNS ASK microsoft.com
- DNS ASK ty####.#m.files.1drv.com
- DNS ASK Le####.casacam.net
- '%WINDIR%\syswow64\mshta.exe'