Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\ciuY.lnk
- %HOMEPATH%\Start Menu\Programs\Startup.lnk
- C:\TTcfC\RdepIXPn\ciuY\TTcfC.vbs
- 'pa###-dark.com':443
- DNS ASK pa###-dark.com
- '<SYSTEM32>\wscript.exe' "C:\TTcfC\RdepIXPn\ciuY\TTcfC.vbs"
- '<SYSTEM32>\cmd.exe' /c start C:\TTcfC\RdepIXPn\ciuY\\TTcfC.vbs