Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft' = '%LOCALAPPDATA%\Microsoft\Update.exe'
- https://yip.su/mini
- firefox.exe
- <Текущая директория>\bouncycastle.crypto.dll
- %LOCALAPPDATA%\microsoft\update.exe
- <Текущая директория>\bouncycastle.crypto.dll
- 'ic###azip.com':80
- 'yi#.su':443
- 'ge###tatool.com':443
- 're##ry.co':443
- 'microsoft.com':80
- 'di##ord.com':443
- http://ic###azip.com/
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- 'yi#.su':443
- 'ge###tatool.com':443
- 're##ry.co':443
- 'di##ord.com':443
- DNS ASK ic###azip.com
- DNS ASK yi#.su
- DNS ASK ge###tatool.com
- DNS ASK re##ry.co
- DNS ASK microsoft.com
- DNS ASK di##ord.com