Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Sysmppcv' = '<SYSTEM32>\Rundll32.exe "<SYSTEM32>\SysTdSvr.dll",Start'
- <SYSTEM32>\rundll32.exe "<SYSTEM32>\SysTdSvr.dll",Start
- <SYSTEM32>\SysTdSvr.dll.tmp
- <SYSTEM32>\cwebpage.dll.tmp
- %TEMP%\tmp1.CAB
- %TEMP%\tmp2.CAB
- %TEMP%\tmp2.CAB
- %TEMP%\tmp1.CAB
- 'hu##new.cn':21
- DNS ASK hu##new.cn