Техническая информация
- %TEMP%\nsk3.tmp\nsz4.tmp
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-1275210071-117609710-1801674531-500\992d27be6b64292d4306108576459145_ffcb838e-6d3b-4e44-a259-8ac8f5c94c4f
- <SYSTEM32>\fee697c0-4106-8530-def0-8c2e9dbf9129.exe
- %TEMP%\nsk3.tmp\nsss
- %TEMP%\nsk3.tmp\NSISdl.dll
- %TEMP%\nsk3.tmp\System.dll
- %TEMP%\nsp2.tmp
- %TEMP%\nsk3.tmp\Math.dll
- %APPDATA%\Microsoft\Protect\S-1-5-21-1275210071-117609710-1801674531-500\a2ae76ff-62ec-46b8-a06b-0ee090483700
- <SYSTEM32>\c212d5a8-0edd-e7c7-0244-a30fe11cf07c.dll
- 'a2.##ueads.biz':80
- a2.##ueads.biz/smb/nsi_install.php?in###############################################################
- DNS ASK a2.##ueads.biz