Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AutoLoader' = '"<SYSTEM32>\systry.exe"'
- '<SYSTEM32>\net1.exe' start
- %TEMP%\net.tmp
- <SYSTEM32>\cid.inf
- '64.#20.5.66':80
- 'yo###rack.eu':80
- yo###rack.eu/trk/success?cp######################
- 64.#20.5.66/ips/status.php?cp#####################
- DNS ASK yo###rack.eu
- ClassName: 'Indicator' WindowName: ''