Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Mnopqr Tuvwxyab Def] 'ImagePath' = '%WINDIR%\xxs.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Mnopqr Tuvwxyab Def] 'Start' = '00000002'
- '%WINDIR%\xxs.exe'
- %WINDIR%\xxs.exe
- <Полный путь к файлу> в %TEMP%\19491c
- 'localhost':811
- 'localhost':822
- '42.#1.45.51':1010
- 'localhost':833