Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'wincl' = '%APPDATA%\WinSlm\winslm.exe'
- '%APPDATA%\WinSlm\winslm.exe'
- '<SYSTEM32>\taskkill.exe' /F /IM wscript.exe
- %APPDATA%\WinSlm\winslm.exe
- %APPDATA%\__check__3177.xyz
- %APPDATA%\__check__3177.xyz
- 'www.ga#####koochooloo.com':80
- 'www.ma#####zvillarroya.es':80
- 'ru###kutai.com':80
- 'www.wa##r.net':80
- 'dr###ftsys.com':80
- http://www.ga#####koochooloo.com/
- http://www.ma#####zvillarroya.es/
- http://ru###kutai.com/
- http://www.wa##r.net/
- http://dr###ftsys.com/
- DNS ASK www.ga#####koochooloo.com
- DNS ASK www.ma#####zvillarroya.es
- DNS ASK ru###kutai.com
- DNS ASK www.wa##r.net
- DNS ASK dr###ftsys.com
- ClassName: '' WindowName: ''
- ClassName: 'Indicator' WindowName: ''