Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GoogleDownload' = '%APPDATA%\GoogleDownload.exe'
- '%APPDATA%\GoogleDownload.exe'
- %APPDATA%\Microsoft\Google\s.txt
- %TEMP%\nsd2.tmp
- %APPDATA%\GoogleDownload.exe
- 'wi######aseballsystem.com':80
- wi######aseballsystem.com/d.php
- wi######aseballsystem.com/get.php
- DNS ASK wi######aseballsystem.com