Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'fHOsOXbDngftPEiTKyElhzmnNz' = '<SYSTEM32>\TttQSRzaSXdLdv.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\.lnk
- '<SYSTEM32>\cmd.exe' /c del <Полный путь к вирусу> >> NUL
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\TttQSRzaSXdLdv.exe
- 'lu####jthlevay.pw':80
- 'bc####xmcejgyq.in':80
- 'of####dlqsqpwh.net':80
- 'at####ggauxtwt.com':80
- 'jq####joguaafk.su':80
- 'nc####rxcfqyyg.tw':80
- 'fy####xhhpneuy.me':80
- 'ty####nhgxlbaj.cc':80
- 'ur####qgdodywx.tw':80
- 'id####lrrkptsq.com':80
- 'fy####ekbagrnw.pw':80
- 'sj####onuypvli.tw':80
- 'jx####tfnhcosy.net':80
- 'jw####lcydjtqx.cc':80
- 'ok####vppfxlqs.su':80
- 'na####daakqiuo.in':80
- 'ei####ujuyvvgr.me':80
- DNS ASK lu####jthlevay.pw
- DNS ASK bc####xmcejgyq.in
- DNS ASK of####dlqsqpwh.net
- DNS ASK at####ggauxtwt.com
- DNS ASK fy####xhhpneuy.me
- DNS ASK nc####rxcfqyyg.tw
- DNS ASK vx####fsfiqpxe.net
- DNS ASK ty####nhgxlbaj.cc
- DNS ASK jq####joguaafk.su
- DNS ASK id####lrrkptsq.com
- DNS ASK fy####ekbagrnw.pw
- DNS ASK sj####onuypvli.tw
- DNS ASK jx####tfnhcosy.net
- DNS ASK na####daakqiuo.in
- DNS ASK ok####vppfxlqs.su
- DNS ASK ur####qgdodywx.tw
- DNS ASK ei####ujuyvvgr.me
- DNS ASK jw####lcydjtqx.cc