Техническая информация
- '%TEMP%\yessine.exe'
- '<SYSTEM32>\ping.exe' www.se#.com -t -l 10000
- '<SYSTEM32>\wscript.exe' "<SYSTEM32>\s4c.vbs"
- [<HKCU>\Software\Paltalk]
- <SYSTEM32>\s4c.vbs
- %TEMP%\yessine.exe
- <SYSTEM32>\s4c.vbs
- 'an#####usaqw.no-ip.biz':111
- DNS ASK www.se#.com
- DNS ASK an#####usaqw.no-ip.biz
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Shell_traywnd' WindowName: ''