Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\irclass32] 'ImagePath' = '<SYSTEM32>\rundll32.exe irclass32.dll,ukod'
- [<HKLM>\SYSTEM\ControlSet001\Services\irclass32] 'Start' = '00000002'
- '%TEMP%\e574413e.exe'
- '<SYSTEM32>\netsh.exe' firewall add portopening TCP 25 DNS ENABLE ALL
- '<SYSTEM32>\netsh.exe' firewall add portopening TCP 5262 messenger ENABLE ALL
- <SYSTEM32>\a312d5d4.dll
- %TEMP%\e574413e.exe
- <SYSTEM32>\56e52ce8.dll
- <SYSTEM32>\9b5a2663.dll
- <SYSTEM32>\irclass32.dll