Техническая информация
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %TEMP%\esp.txt
- %TEMP%\esp.txt
- 'b1#.##one.qq.com':80
- '12#.#25.114.144':80
- 12#.#25.114.144/zqqnznysrjbivwd/item/ea40ac33f5a73c8f124b141a
- DNS ASK b1#.##one.qq.com
- DNS ASK hi.##idu.com