Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '47fffa1054f9ea6e00ffb8e6770a25a7' = '%ALLUSERSPROFILE%\Application Data\Important.exe'
- [<HKCU>\Software\IMVU\username]
- %ALLUSERSPROFILE%\Application Data\CRNJEUFU_10_10_2_48_1.jpg
- %ALLUSERSPROFILE%\Application Data\Important.exe
- 'ja####ssociates.com':80
- 'wp#d':80
- http://ja####ssociates.com/honey/fragment/post.php?ty##########################################################
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK ja####ssociates.com
- DNS ASK wp#d