Техническая информация
- '<SYSTEM32>\wscript.exe' "%WINDIR%\Temp\ykotrenoyx.js"
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 1908
- %WINDIR%\temp\ykotrenoyx.js
- %TEMP%\921763.cvr
- 'av#.com':443
- 'bi###fender.com':443
- 'es##.com':443
- 'av#.com':443
- 'bi###fender.com':443
- 'es##.com':443
- DNS ASK av#.com
- DNS ASK bi###fender.com
- DNS ASK es##.com
- DNS ASK ja###eneet.com