Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Netman' = '%WINDIR%\meed\ctfmon.exe'
- %WINDIR%\meed\ctfmon.exe
- %WINDIR%\meed\ctfmon.exe -mi
- %WINDIR%\explorer.exe /select, %WINDIR%\meed\ctfmon.exe
- %WINDIR%\meed\SbieDLL.DLL
- %WINDIR%\meed\ctfmon.exe
- 'ji####sima.gicp.net':8377
- DNS ASK ji####sima.gicp.net
- ClassName: '' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: '%WINDIR%\meed'
- ClassName: '' WindowName: 'meed'