Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'hEc' = '"%APPDATA%\Mv6bT\hqEQ.exe" /hqEQc1HjLPZnnyRhXsmSO8AWIhBCTXMv6bT44GoRzax8g9fYD8ZlPO5nTwHASmr'
- %APPDATA%\mv6bt\hqeq.exe
- %APPDATA%\mv6bt\hqeq.exe
- %APPDATA%\mv6bt\hqeq.exe
- '82.##6.54.187':80
- http://82.##6.54.187/XmOAIBTM6T4ozxgfDZP5THSrhEcHLZnRXmOAIBTM6T4ozxgfDZP5THSrhEcHLZnR/0/0/0/0/28/