Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\embg] 'DLLName' = 'sfpguitv.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\embg] 'Startup' = 'czkzdngoju'
- %WINDIR%\Explorer.EXE
- iexplore.exe
- <SYSTEM32>\sfpguitv.dll
- <SYSTEM32>\kayqw.exe
- 'su##10.org':80
- su##10.org/CMP/GN3I1Z2DTCF2DX85J1/command
- DNS ASK su##10.org
- '<IP-адрес в локальной сети>':1036