Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Sedpth] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k netsvcs
- %TEMP%\107000_res.tmp
- %TEMP%\107000.dll
- <SYSTEM32>\Sedpth.dll
- %TEMP%\107000.dll
- 'pe######003.publicvm.com':8080
- 're######.regionfocus.com':53
- 'us#.##gionfocus.com':80
- DNS ASK pe######003.publicvm.com
- DNS ASK re######.regionfocus.com
- DNS ASK us#.##gionfocus.com