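Техническая информация
Примечание: список приведён без заголовков разделов; в нём перечислены пути к файлам и процессам, узлы на порту 80, HTTP-URL и DNS-запросы. Доменные имена и параметры URL частично замаскированы символами «#», поэтому для сопоставления с журналами DNS и прокси пригодны только видимые фрагменты имён.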
- %WINDIR%\explorer.exe
- %TEMP%\ca7mno2unv0f1r9nz3
- %TEMP%\007op0f2vpchbi4
- %TEMP%\nsd952e.tmp\pcpacgn.dll
- 'ca####imaginem.com':80
- 'ca####rniahiker.com':80
- 'ca###tends.com':80
- 'cy######batpenggugur.com':80
- 'hu###hunjx.com':80
- 'se###ngift.com':80
- 'pu####tpharaoh.com':80
- http://www.no#####nbackflow.com/bbqo/?nN########################################################################################
- DNS ASK ca####imaginem.com
- DNS ASK ca####rniahiker.com
- DNS ASK ca###tends.com
- DNS ASK cy######batpenggugur.com
- DNS ASK hu###hunjx.com
- DNS ASK se###ngift.com
- DNS ASK pu####tpharaoh.com
- DNS ASK no#####nbackflow.com
- '%WINDIR%\syswow64\svchost.exe'
- '%WINDIR%\syswow64\cscript.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%WINDIR%\SysWOW64\svchost.exe"