Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ects' = '%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\bochrara.exe'
- %APPDATA%\microsoft\windows\start menu\programs\startup\bochrara.exe
- %TEMP%\aut30df.tmp
- %APPDATA%\microsoft\windows\start menu\programs\startup\bochrara.exe
- %TEMP%\aut30df.tmp
- 'r3.#.lencr.org':80
- 'microsoft.com':80
- 'l.###4top.io':443
- DNS ASK l.###4top.io
- DNS ASK r3.#.lencr.org
- DNS ASK microsoft.com
- '%APPDATA%\microsoft\windows\start menu\programs\startup\bochrara.exe'