Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{54523C84-18F7-21FE-7C77-0D27C363B4CA}] 'StubPath' = '<SYSTEM32>:winvat32.exe'
- %WINDIR%\Explorer.EXE
- %ALLUSERSPROFILE%\Application Data\DYA_WUBSUJDJWOUACJCQL\1.0.0:$SS_DESCRIPTOR_SBXNV9VVGV1BF16GLH1XCMVYKXLT9RXBXTDK9T0FSVF7JBCVPJGV
- %ALLUSERSPROFILE%\Desktop:$SS_DESCRIPTOR_SBXNV9VVGV1BF16GLH1XCMVYKXLT9RXBXTDK9T0FSVF7JBCVPJGV
- <SYSTEM32>:winvat32.exe
- %ALLUSERSPROFILE%\Application Data\DYA_WUBSUJDJWOUACJCQL\1.0.0\Data\app.dat
- %ALLUSERSPROFILE%\Application Data\DYA_WUBSUJDJWOUACJCQL\1.0.0\Data\updates.dat
- %APPDATA%\DYA_WUBSUJDJWOUACJCQL\1.0.0\Data\dya.dat
- '20#.#4.242.18':1139
- 'up#####r.dyndns-ip.com':1139
- DNS ASK up#####r.dyndns-ip.com