Technical information
- %APPDATA%\microsoft\windows\start menu\programs\startup\usersvc.lnk
- C:\users\public\pictures\usersvc.exe
- C:\users\public\pictures\systeminfo.txt
- C:\users\public\pictures\curl.exe
- C:\users\public\pictures\upd.exe
- C:\users\public\pictures\ver_main_u.exe
- C:\users\public\pictures\version.txt
- 'C:\users\public\pictures\usersvc.exe' C:\Users\Public\Pictures\UserSVC.exe
- 'C:\users\public\pictures\ver_main_u.exe'
- 'C:\users\public\pictures\usersvc.exe' C:\Users\Public\Pictures\UserSVC.exe' (with hidden window)