Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'F7E71C06' = '%APPDATA%\F7E71C06\bin.exe'
- '%WINDIR%\explorer.exe'
- <SYSTEM32>\cscript.exe
- %APPDATA%\F7E71C06\bin.exe
- 'hg###cury.space':80
- http://hg###cury.space/Cqnxsp3sxm/
- DNS ASK hg###cury.space
- ClassName: 'Indicator' WindowName: ''