Техническая информация
- '<SYSTEM32>\reg.exe' ADD "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v Load /t REG_SZ /d %APPDATA%/Performance/lsasx.exe /f
- '<SYSTEM32>\cmd.exe' /c REG ADD "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v Load /t REG_SZ /d %APPDATA%/Performance/lsasx.exe /f
- %APPDATA%\Performance\lsasx.exe
- %APPDATA%\Performance\lsasx.exe
- 'ip#f.in':80
- 'wp#d':80
- 'sa#####ills.hldns.ru':11001
- http://ip#f.in/txt
- http://11#.#11.111.2/wpad.dat via wp#d
- DNS ASK ip#f.in
- DNS ASK wp#d
- DNS ASK sa#####ills.hldns.ru