Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '<SYSTEM32>\Common.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Audio Control] 'Start' = '00000001'
- %TEMP%\jac1.tmp.exe
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\del09.bat
- <SYSTEM32>\ipconfig.exe
- %TEMP%\jac1.tmp.exe
- <SYSTEM32>\Audio.sys
- <SYSTEM32>\del09.bat
- %TEMP%\jac1.tmp.exe
- DNS ASK 28##g.com
- '8.#.8.8':1036
- ClassName: '' WindowName: ''