Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '{E7D9FF09-D55C-7FCC-27CA-4EEC9FDBC04C}' = '%APPDATA%\laEFDHux\BwScRhyX\menyuTER\VDMoFeNSo.exe'
- %WINDIR%\Tasks\{E7D9FF09-D55C-7FCC-27CA-4EEC9FDBC04C}.job
- '%APPDATA%\laEFDHux\BwScRhyX\menyuTER\VDMoFeNSo.exe'
- %APPDATA%\laEFDHux\BwScRhyX\menyuTER\VDMoFeNSo.exe
- 'bl####sysdate.com':443
- DNS ASK bl####sysdate.com