Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '94F63F46' = '%APPDATA%\94F63F46\bin.exe'
- '%WINDIR%\explorer.exe'
- <SYSTEM32>\cscript.exe
- %APPDATA%\94F63F46\bin.exe
- %APPDATA%\94F63F46\log.dat
- 'i2####gdb67uehdi.cc':80
- http://i2####gdb67uehdi.cc/new0fo782d78j2dh/
- DNS ASK i2####gdb67uehdi.cc
- ClassName: 'Indicator' WindowName: ''