Technical Information
- '%APPDATA%\WindowsUpdate.exe' -sdp 0007 /verysilent
- '' (downloaded from the Internet)
- %APPDATA%\WindowsUpdate.exe
- 'www.b-####ons.online':80
- 'st####.#oastfiles2017.com':80
- 'wp#d':80
- http://www.b-####ons.online/ping.php?ru######
- http://st####.#oastfiles2017.com/download/40/90043/DNSUnlocker/setup.exe
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK www.b-####ons.online
- DNS ASK st####.#oastfiles2017.com
- DNS ASK wp#d