Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Audio Driver' = '"<SYSTEM32>\audiohd.exe"'
- скрытых файлов
- %TEMP%\dotnet.exe
- %TEMP%\net.exe
- <SYSTEM32>\audiohd.exe
- %CommonProgramFiles%\WUDHost.exe
- <SYSTEM32>\audiohd.exe
- %CommonProgramFiles%\WUDHost.exe
- 'wp#d':80
- 'ne#.##rypto.tech':80
- http://11#.#11.111.1/wpad.dat via wp#d
- http://ne#.##rypto.tech/gate.php
- DNS ASK wp#d
- DNS ASK ne#.##rypto.tech
- ClassName: 'EDIT' WindowName: ''
- '%TEMP%\dotnet.exe' -pack_install
- '%TEMP%\net.exe'
- '<SYSTEM32>\audiohd.exe'
- '%CommonProgramFiles%\WUDHost.exe'