Техническая информация
- '%TEMP%\frnoo.exe'
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEWNTWLX\cheluk-12[1].scg
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\23BUYPX5\cheluk-12[1].scg
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIF7DGLM\cheluk-12[1].scg
- %TEMP%\uttEF4C.tmp
- %TEMP%\frnoo.exe
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEWNTWLX\cheluk-12[1].scg
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIF7DGLM\cheluk-12[1].scg
- 'fj###.#wardspace.com':80
- 'ca#######isesi.awardspace.com':80
- '94.##.62.185':19701
- fj###.#wardspace.com/images/cheluk-12.scg
- ca#######isesi.awardspace.com/Packages/cheluk-12.scg
- DNS ASK fj###.#wardspace.com
- DNS ASK ca#######isesi.awardspace.com
- DNS ASK dn#.##ftncsi.com