Техническая информация
- '<SYSTEM32>\conhost.exe'
- %WINDIR%\Temp\MPTelemetrySubmit\watson_manifest.txt
- %WINDIR%\Temp\MPTelemetrySubmit\client_manifest.txt
- %APPDATA%\Roaming\tor\state.tmp
- %APPDATA%\Roaming\tor\state.tmp в %APPDATA%\Roaming\tor\state
- '76.##.17.194':9090
- '86.#9.21.38':443
- '12#.31.0.39':9101
- '19#.#3.244.244':443
- 'localhost':49158
- '21#.#12.245.170':443
- '18.#.0.1':9
- DNS ASK wa####.microsoft.com
- DNS ASK dn#.##ftncsi.com
- '22#.0.0.252':5355