Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = '%APPDATA%\bsK2mIVK\UOG9R0sa.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- %APPDATA%\bsK2mIVK\UOG9R0sa.exe
- 'em#####s852.no-ip.org':1500
- '20#.#4.240.182':1500
- DNS ASK em#####s852.no-ip.org