Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '{523BB81E-F0F7-DB66-DF65-B82761A00F49}' = '%APPDATA%\SBdLSVoi\zoltrSqa\NeJCIyOM\BlTEPNlod.exe'
- %WINDIR%\Tasks\{523BB81E-F0F7-DB66-DF65-B82761A00F49}.job
- '%APPDATA%\SBdLSVoi\zoltrSqa\NeJCIyOM\BlTEPNlod.exe'
- %APPDATA%\SBdLSVoi\zoltrSqa\NeJCIyOM\BlTEPNlod.exe