Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '<Полный путь к вирусу>'
- 'www.pl##k.com':80
- 'al#####om.marketddy.com':80
- 'wh######.pchome-shop.com':80
- www.pl##k.com/mao2283
- al#####om.marketddy.com/s01eY5d4c4olCBUeFU0hza
- wh######.pchome-shop.com/s01eY5d4c4olCBUeFU0hza
- al#####om.marketddy.com/s01eY5d4c4olCBUeFU0hza
- wh######.pchome-shop.com/s01eY5d4c4olCBUeFU0hza
- DNS ASK www.pl##k.com
- DNS ASK al#####om.marketddy.com
- DNS ASK wh######.pchome-shop.com