Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'TcpIpCfg' = 'Rundll32 "%APPDATA%\jemgmys.dll" MainThread'
- '<SYSTEM32>\rundll32.exe' "%APPDATA%\jemgmys.dll" MainThread
- %APPDATA%\jemgmys.dll
- 'www.ku#####wanlilai.info':80
- www.ku#####wanlilai.info/mail.asp?MA############
- DNS ASK www.ku#####wanlilai.info
- ClassName: 'Indicator' WindowName: '(null)'