Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'lssas.exe' = '<SYSTEM32>\lssas.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{244560C0-8945-6A11-5812-DFAF2BA82DFD}] 'StubPath' = '<SYSTEM32>\lssas.exe'
- %WINDIR%\NOTEPAD.EXE
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\lssas.exe
- 'd4###.sytes.net':3460
- DNS ASK d4###.sytes.net