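Техническая информация
(Заголовки подразделов в этой выгрузке не сохранились. Судя по содержимому, список идет в таком порядке: пути к файлам, сетевые подключения в виде «узел:порт», HTTP-запросы, DNS-запросы, запускаемые процессы.)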
- <Текущая директория>\jesaymxplc.exe
- %WINDIR%\temp\tar703d.tmp
- %WINDIR%\temp\cab703c.tmp
- %WINDIR%\temp\tar5a89.tmp
- %WINDIR%\temp\cab5a88.tmp
- %WINDIR%\temp\tar5a49.tmp
- %WINDIR%\temp\cab5a48.tmp
- %WINDIR%\temp\tar44b4.tmp
- %WINDIR%\temp\cab44b3.tmp
- %WINDIR%\temp\tar8db.tmp
- %WINDIR%\temp\cab8ca.tmp
- %WINDIR%\temp\tarf29b.tmp
- %WINDIR%\temp\cabf29a.tmp
- %WINDIR%\temp\tarf26a.tmp
- %WINDIR%\temp\cabf269.tmp
- nul
- %WINDIR%\temp\cabc2d0.tmp
- %WINDIR%\temp\tarc2e0.tmp
- %WINDIR%\temp\cabf269.tmp
- %WINDIR%\temp\tarf26a.tmp
- %WINDIR%\temp\cabf29a.tmp
- %WINDIR%\temp\tarf29b.tmp
- %WINDIR%\temp\cab8ca.tmp
- %WINDIR%\temp\tar8db.tmp
- %WINDIR%\temp\cab44b3.tmp
- %WINDIR%\temp\tar44b4.tmp
- %WINDIR%\temp\cab5a48.tmp
- %WINDIR%\temp\tar5a49.tmp
- %WINDIR%\temp\cab5a88.tmp
- %WINDIR%\temp\tar5a89.tmp
- %WINDIR%\temp\cab703c.tmp
- %WINDIR%\temp\tar703d.tmp
- %WINDIR%\temp\cabc2d0.tmp
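- %WINDIR%\temp\tarc2e0.tmp
Примечание: пары cab*.tmp / tar*.tmp в %WINDIR%\temp с шестнадцатеричными суффиксами, по-видимому, являются временными файлами, которые Windows создает при загрузке и проверке сертификатов (ср. запросы к lencr.org и microsoft.com ниже). Такие имена, как правило, генерируются заново при каждом запуске, поэтому для поиска по индикаторам они малопригодны. Один и тот же набор путей перечислен дважды — вероятно, сначала как созданные, затем как удаленные файлы; границу между группами по этой выгрузке точно установить нельзя.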
- 'mo###ith.club':443
- 'microsoft.com':80
- 'mo###ith.club':80
- 'x1.#.lencr.org':80
- 'r3.#.lencr.org':80
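- http://x1.#.lencr.org/
- http://r3.#.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRI2smg%2ByvTLU%2Fw3mjS9We3NfmzxAQUFC6zF7dYVsuuUAlA5h%2BvnYsUwsYCEgMzWw%2Fw7Z9klVQoWXwj9u6vPg%3D%3D
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
Примечание: запросы к lencr.org (инфраструктура проверки сертификатов Let's Encrypt; длинный путь в запросе к r3 похож на OCSP-запрос в кодировке Base64) и загрузка корневого сертификата с microsoft.com выглядят как стандартная проверка цепочки сертификатов средствами Windows при установке TLS-соединения. Сами по себе они не являются индикаторами компрометации и встречаются в легитимном трафике. Отличительный сетевой индикатор в этом списке — домен 'mo###ith.club' (часть имени замаскирована в источнике).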
- 'mo###ith.club':443
- DNS ASK mo###ith.club
- DNS ASK microsoft.com
- DNS ASK x1.#.lencr.org
- DNS ASK r3.#.lencr.org
- '<Текущая директория>\jesaymxplc.exe'
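- '<SYSTEM32>\cmd.exe' /C ping 1.1.1.1 -n 1 -w 6000 > Nul & Del "<Полный путь к файлу>"
- '<SYSTEM32>\ping.exe' 1.1.1.1 -n 1 -w 6000
Примечание: ping с одним пакетом и таймаутом 6000 мс здесь служит короткой задержкой (до 6 секунд), после которой cmd.exe удаляет файл по полному пути — судя по всему, сам исполняемый файл образца (самоудаление). Запись «nul» в списке файлов выше, вероятно, соответствует перенаправлению вывода «> Nul». Для обнаружения полезнее сама связка «cmd.exe /C ping … > Nul & Del …» в командной строке дочернего процесса, чем обращение к адресу 1.1.1.1, который является общедоступным DNS-сервисом и встречается в легитимном трафике.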