Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'wincl' = '%APPDATA%\WinRan\winran.exe'
- '%APPDATA%\WinRan\winran.exe'
- '<SYSTEM32>\taskkill.exe' /F /IM wscript.exe
- %APPDATA%\WinRan\winran.exe
- %APPDATA%\__check__6879.xyz
- %APPDATA%\__check__6879.xyz
- 'bl##.###ipsybossa.com.br':80
- 'dr########l.asso.univ-poitiers.fr':80
- 'bi#########rapia.deviandnarendra.com':80
- 'wv#.###mdressmall.org':80
- 'www.su#####ncompany.com.br':80
- http://bl##.###ipsybossa.com.br/
- http://dr########l.asso.univ-poitiers.fr/
- http://bi#########rapia.deviandnarendra.com/
- http://wv#.###mdressmall.org/
- http://www.su#####ncompany.com.br/
- DNS ASK bl##.###ipsybossa.com.br
- DNS ASK dr########l.asso.univ-poitiers.fr
- DNS ASK bi#########rapia.deviandnarendra.com
- DNS ASK wv#.###mdressmall.org
- DNS ASK www.su#####ncompany.com.br
- ClassName: '' WindowName: ''
- ClassName: 'Indicator' WindowName: ''