Техническая информация
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonBadCertRecving' = '00000000'
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\today2[1].ruy
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\preferences\user.js
- 'de##iro.com':443
- 'er##ope.com':80
- 'localhost':58786
- er##ope.com/recfor/today2.ruy
- DNS ASK dn#.##ftncsi.com
- DNS ASK de##iro.com
- DNS ASK er##ope.com