Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '106e4e1f0f12bf42bb76b8b80c3944f0' = '%ALLUSERSPROFILE%\Application Data\Important.exe'
- [<HKCU>\Software\IMVU\username]
- %ALLUSERSPROFILE%\Application Data\CRNJEUFU_9_11_16_9_1.jpg
- %ALLUSERSPROFILE%\Application Data\Important.exe
- 'do#####dpdf.superweb.ws':80
- 'wp#d':80
- http://11#.#11.111.1/wpad.dat via wp#d
- http://do#####dpdf.superweb.ws/key/html/image/upload.php
- DNS ASK do#####dpdf.superweb.ws
- DNS ASK wp#d