Техническая информация
- <SYSTEM32>\upnpcont.exe
- <SYSTEM32>\jqlso.dll
- <SYSTEM32>\ycrgv.dll
- <SYSTEM32>\9wl_e.dll
- <SYSTEM32>\ti5kz.dll
- <SYSTEM32>\o2het.dll
- <SYSTEM32>\7mbqc.dll
- <SYSTEM32>\microsoft\svchost.exe
- %TEMP%\regini.txt
- %TEMP%\task.bat
- <SYSTEM32>\microsoft\svchost.exe
- %TEMP%\regini.txt
- %TEMP%\task.bat
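- 'ma#.#aidu.com':80 (символы «#» в доменных именах здесь и ниже, по-видимому, заменяют скрытые символы; полные имена на странице не приведены)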
- DNS ASK ma#.#aidu.com
- DNS ASK pd####y.zzszgz.com
- DNS ASK pm##.##urnalforum.org
- DNS ASK pb####y.zzszgz.com
- DNS ASK pd###.zzszgz.com
- DNS ASK px###.hrt360.com
- DNS ASK pb###.zzszgz.com
- '<SYSTEM32>\microsoft\svchost.exe'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\task.bat (со скрытым окном)
- '<SYSTEM32>\upnpcont.exe'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\task.bat
- '<SYSTEM32>\regini.exe' %TEMP%\regini.txt