Техническая информация
- '%TEMP%\RarSFX0\starter.exe'
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %ALLUSERSPROFILE%\DRM\Starter\cacybbzcwpxbbxg
- %TEMP%\RarSFX0\splash_screen.dll
- %TEMP%\RarSFX0\starter.exe
- %TEMP%\RarSFX0\starter.exe
- %TEMP%\RarSFX0\splash_screen.dll.sp1
- %TEMP%\RarSFX0\splash_screen.dll
- 'www.mo###ails.com':80
- DNS ASK www.mo###ails.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''