Техническая информация
- %WINDIR%\explorer.exe
- 'ra####angoods.com':80
- http://www.ra####angoods.com/m3de/?Ob#######################################################################################
- DNS ASK su###actory.net
- DNS ASK tu####hillip.com
- DNS ASK ra####angoods.com
- DNS ASK pl#####shreelucky.com
- DNS ASK co####toranexo.com
- '%WINDIR%\syswow64\svchost.exe'
- '%WINDIR%\syswow64\explorer.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%WINDIR%\SysWow64\svchost.exe"