Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '{88AF23A6-4F05-1B97-5815-6E369DDBBFDA}' = '<SYSTEM32>\iassam.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{85B43CE1-82F9-6D4F-3533-1B5A15666B31}] 'StubPath' = '<SYSTEM32>\iassam.exe'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\iassam.exe
- 'li####lly.66ip.net':8125
- 'li####lly.gicp.net':8125
- DNS ASK li####lly.66ip.net
- DNS ASK li####lly.gicp.net