Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'oAl84Vu' = '%HOMEPATH%\rPy42Hs\MsUpdater.exe'
- '<SYSTEM32>\taskmgr.exe'
- <SYSTEM32>\taskmgr.exe
- %TEMP%\yId95Ha.KX7
- %TEMP%\aut1.tmp
- %TEMP%\yId95Ha.KX7
- %TEMP%\yId95Ha.KX7
- %TEMP%\aut1.tmp
- 'fi#####n23.zapto.org':1604
- 'be####.zapto.org':1604
- DNS ASK fi#####n23.zapto.org
- DNS ASK be####.zapto.org