Техническая информация
- "%TEMP%\hlp2d.exe" (загружен из сети Интернет)
- %TEMP%\nsd7.tmp\System.dll
- %TEMP%\nsd7.tmp\Math.dll
- %TEMP%\nsb2.tmp\zsilent.exe
- %TEMP%\nsi6.tmp
- %TEMP%\nsd7.tmp\NSISdl.dll
- %TEMP%\nsd7.tmp\NSISdl_temp.zugo
- %TEMP%\nsd7.tmp\md5dll.dll
- %TEMP%\nsd7.tmp\GetVersion.dll
- %TEMP%\nsb2.tmp\ext2p.exe
- %TEMP%\nso4.tmp\System.dll
- %TEMP%\nsb2.tmp\NSISdl.dll
- %TEMP%\nsb2.tmp\getCountry
- %TEMP%\hlp2d.exe
- %TEMP%\nsb2.tmp\System.dll
- %TEMP%\nso4.tmp\NSISdl.dll
- %TEMP%\nso4.tmp\regb
- %TEMP%\nso4.tmp\regb
- %TEMP%\nso4.tmp\System.dll
- %TEMP%\hlp2d.exe
- %TEMP%\nso4.tmp\NSISdl.dll
- 'www.xy###tats.com':80
- 'www.in####t-find.com':80
- 'tr###.zugo.com':80
- www.xy###tats.com/dl/zbr081.exe
- www.in####t-find.com/regdt/{89423F58-4993-473D-A814-9747A346C28B}|0|1081
- tr###.zugo.com/getCountry/
- DNS ASK www.xy###tats.com
- DNS ASK www.in####t-find.com
- DNS ASK tr###.zugo.com