Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'KB709764.exe' = '"%APPDATA%\KB709764.exe"'
- %TEMP%\svchost.exe
- %APPDATA%\KB709764.exe
- 'ma##.gmail.com':25
- 'on####onlywes.com':1001
- '67.##5.160.76':25
- 'ma##.#otmail.com':25
- DNS ASK Gm##l.cOM
- DNS ASK on####onlywes.com
- DNS ASK HO##aIl.cOM
- DNS ASK in####thenetss.com
- DNS ASK yA##O.Com
- ClassName: 'Indicator' WindowName: ''