Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] 'Microsoft' = 'google1.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft' = 'google1.exe'
- <SYSTEM32>\google1.exe 300 ""%TEMP%\1.exe""
- <SYSTEM32>\google1.exe
- %TEMP%\2.exe
- %TEMP%\1.exe
- <SYSTEM32>\google1.exe
- 'po#####ead05.no-ip.biz':6667
- DNS ASK po#####ead05.no-ip.biz