Техническая информация
- %TEMP%\misdbovmpfokvie.exe
- %TEMP%\del31658.bat
- <DRIVERS>\vscvkbvmoyynsfthew.sys
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\moute[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\moute[1].gif
- 'ba####.cyad.co.kr':80
- ba####.cyad.co.kr/moute.gif
- DNS ASK ba####.cyad.co.kr