Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'jushed' = '<SYSTEM32>\jushed.exe'
- chrome.exe
- firefox.exe
- <SYSTEM32>\jushed.exe
- %TEMP%\=}~1.tmp
- 'fw#.#1sf.com':80
- http://fw#.#1sf.com/link.txt
- DNS ASK fw#.#1sf.com
- '<SYSTEM32>\jushed.exe'