Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'AppDomain' = '"%APPDATA%\AppDomain.exe"'
- '%TEMP%\domain\wdacl.exe'
- '%APPDATA%\AppDomain.exe'
- %TEMP%\nsr6.tmp\GHCSbfFdqGRUY.dll
- %TEMP%\nsk5.tmp
- %TEMP%\nsm9.tmp\GHCSbfFdqGRUY.dll
- %TEMP%\nsa8.tmp
- %APPDATA%\AppDomain.exe
- %TEMP%\buffoon\unionisations.w
- %TEMP%\nsm2.tmp
- %TEMP%\domain\wdacl.exe
- %TEMP%\nsl3.tmp\GHCSbfFdqGRUY.dll
- %TEMP%\nsm9.tmp\GHCSbfFdqGRUY.dll
- %TEMP%\nsr6.tmp\GHCSbfFdqGRUY.dll
- %TEMP%\nsl3.tmp\GHCSbfFdqGRUY.dll
- 'ad#.#eotrk.net':531
- DNS ASK ad#.#eotrk.net