Техническая информация
- '%TEMP%\s3.tmp'
- %TEMP%\byfe.rtf
- %TEMP%\jwud.rtf
- %TEMP%\s3.tmp
- %TEMP%\s3.tmp
- DNS ASK ap#.#pify.org
- DNS ASK ha###nawass.com
- DNS ASK ro###nreswi.ru
- DNS ASK mi###fitons.ru
- DNS ASK kr######g3u4npcg.onion.to
- ClassName: 'Г§' WindowName: 'Г§'
- ClassName: '' WindowName: ''
- ClassName: 'SysCredential' WindowName: ''
- ClassName: 'BUTTON' WindowName: '&Remember my password'
- ClassName: 'ComboBoxEx32' WindowName: ''
- ClassName: 'Edit' WindowName: ''
- '%TEMP%\s3.tmp' ' (со скрытым окном)
- '%ProgramFiles%\microsoft office\office14\winword.exe' /Automation -Embedding