Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,<SYSTEM32>\Isass.exe'
- [<HKLM>\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] 'Isass' = '<SYSTEM32>\Isass.exe:*:Enabled:Isass'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] 'Isass' = '<SYSTEM32>\Isass.exe:*:Enabled:Isass'
- <SYSTEM32>\ash.htm
- <SYSTEM32>\Isass.exe
- <SYSTEM32>\Isass.exe
- 'mi#######.spymastersnake.net':21
- 'localhost':1036
- DNS ASK mi#######.spymastersnake.net