Техническая информация
- '<SYSTEM32>\wermgr.exe' -queuereporting
- '<SYSTEM32>\taskhost.exe' $(Arg0)
- %WINDIR%\Explorer.EXE
- C:\ProgramData\Microsoft\RAC\Temp\sqlC64A.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sqlC66B.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sql8536.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sql8516.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sql8516.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sql8536.tmp
- '21#.#1.62.33':3389
- '31.##4.220.251':3389
- '19#.#7.157.83':3388
- '20#.#6.232.246':8080
- '84.#.76.11':8080
- '46.##5.168.180':8080
- '20#.#40.186.97':8080
- DNS ASK dn#.##ftncsi.com