Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'chrome' = 'Rundll32.exe SHELL32.DLL,ShellExec_RunDLL %APPDATA%\Microsoft\43B8B69BCFC97C5E05161D547134954B\taskwgr.exe'
- %APPDATA%\Microsoft\43B8B69BCFC97C5E05161D547134954B\taskwgr.exe
- %TEMP%\275504626
- 'ip##pi.com':80
- http://ip##pi.com/json
- DNS ASK ip##pi.com