Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'hao567' = '%WINDIR%\Temp\Sougou.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Devices Manager] 'Start' = '00000002'
- '%WINDIR%\Temp\Sougou.exe'
- %WINDIR%\Temp\Sougou.exe
- 'fe#####zaitian1.vicp.cc':81
- 'www.97##u.net':1976
- DNS ASK fe#####zaitian1.vicp.cc
- DNS ASK www.97##u.net