Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MSTASKS' = '<LS_APPDATA>\mstasks.exe'
- %TEMP%\1.tmp
- <LS_APPDATA>\mstasks.exe
- <LS_APPDATA>\mstasks.exe
- 'do#####d.meagoes.com':80
- 'do#####d.meagoes.com':443
- do#####d.meagoes.com/wKjBiswK/YVVTRVItNEJCMDlBOUMwMi5BZG1pbmlzdHJhdG9yLEMwN2Q.asp
- DNS ASK do#####d.meagoes.com
- ClassName: 'Indicator' WindowName: ''