Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\gdvutgfc.lnk
- <SYSTEM32>\tasks\opera scheduled autoupdate 2021791044
- %APPDATA%\microsoft\windows\gdvutgfc\varbfurw.exe
- %APPDATA%\microsoft\windows\gdvutgfc\varbfurw.exe
- 'ms###csi.com':80
- 'te#####rvice01.ru.com':80
- http://www.ms###csi.com/ncsi.txt
- DNS ASK pr###st-0124.tk
- DNS ASK te####ervice01.host
- DNS ASK te####ervice01.pro
- DNS ASK te#####rvice01.pp.ru
- DNS ASK te#####rvice01.org.ru
- DNS ASK mi#####-service01.ru
- DNS ASK do#####-service01.ru
- DNS ASK te#####rvice01.space
- DNS ASK te#####rvice01.net.ru
- DNS ASK ru#####-service01.ru
- DNS ASK pr#####-service01.ru
- DNS ASK te#####rvice01.press
- DNS ASK te####ervice01.eu
- DNS ASK te#####rvice01rus.ru
- DNS ASK te#####rvice01pro.ru
- DNS ASK te####ervice01.fun
- DNS ASK te####ervice01.xyz
- DNS ASK te#####rvice01dom.ru
- DNS ASK ru####-service01.ru
- DNS ASK te#####rvice01.online
- DNS ASK te####ervice01.tech
- DNS ASK te####ervice01.net
- DNS ASK te####ervice01.info
- DNS ASK te####ervice01.su
- DNS ASK my####-service01.ru
- DNS ASK te####ervice0124.ru
- DNS ASK te#####rvice01.store
- DNS ASK te####ervice01.site
- DNS ASK te####ervice01.com
- DNS ASK te####ervice01.pw
- DNS ASK te#####rvice01.ru.com
- DNS ASK te#####rvice01.website
- DNS ASK mo#####-service01.ru