Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{25P1F3V5-W64R-60MB-43B3-80SKN6732YO2}] 'StubPath' = '%TEMP%\InstallDir\server.exe restart'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{25P1F3V5-W64R-60MB-43B3-80SKN6732YO2}] 'StubPath' = '%TEMP%\InstallDir\server.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HKLM' = '%TEMP%\InstallDir\server.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HKCU' = '%TEMP%\InstallDir\server.exe'
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE'
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %TEMP%\InstallDir\server.exe
- 'xo###0.ddns.net':8888
- 'localhost':1037
- DNS ASK xo###0.ddns.net