Техническая информация
- '%TEMP%\clr_gg.exe' sunshine.mistralaucanada.com Lingvo-x5-klyuch.zip
- '%TEMP%\setup_fff.exe' 7acfd76499ca2e8d46d2442cec923017 sunshine.mistralaucanada.com /images/srvr/partner/send.php 5
- '<SYSTEM32>\wermgr.exe' -queuereporting
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\clr_gg.exe.bat" clr_gg.exe sunshine.mistralaucanada.com Lingvo-x5-klyuch.zip"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\setup_fff.exe.bat" setup_fff.exe 7acfd76499ca2e8d46d2442cec923017 sunshine.mistralaucanada.com /images/srvr/partner/send.php 5"
- %TEMP%\clr_gg.exe
- %TEMP%\setup_fff.exe
- %TEMP%\setup_fff.exe
- %TEMP%\clr_gg.exe
- 'su######.mistralaucanada.com':80
- DNS ASK su######.mistralaucanada.com