Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '1jqt9k3j' = '%PROGRAM_FILES%\1jqt9k3j\1jqt9k3j.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\loader[1]
- %PROGRAM_FILES%\1jqt9k3j\1jqt9k3j.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\loader[1]
- 'sd#.#lrsch.com':80
- sd#.#lrsch.com/loader/
- DNS ASK sd#.#lrsch.com