Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'ImagePath' = '<SYSTEM32>\svchost.exe -k netsvcs'
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4\Parameters] 'ServiceDll' = '<SYSTEM32>\6to4v32.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\isapeep] 'ImagePath' = '<SYSTEM32>\isapeep.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'Start' = '00000002'
- '<SYSTEM32>\cmd.exe' /c del <Полный путь к файлу> > nul
- %WINDIR%\Temp\clk488.nls
- %WINDIR%\Temp\clk473.nls
- %WINDIR%\Temp\clk488.nls в <SYSTEM32>\6to4v32.dll
- %WINDIR%\Temp\clk473.nls в <SYSTEM32>\isapeep.sys
- DNS ASK ho###seas.com
- DNS ASK 24###otel.com