Техническая информация
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\svchost.exe
- svhost.exe
- <SYSTEM32>\svchost.exe
- %TEMP%\svhost.exe
- %ALLUSERSPROFILE%\Application Data\PKjgABJMTC\cfgi
- %ALLUSERSPROFILE%\Application Data\PKjgABJMTC\cfg
- 'po##.#inexmr.com':443
- DNS ASK po##.#inexmr.com
- '%TEMP%\svhost.exe'
- '<SYSTEM32>\svchost.exe' -c "%ALLUSERSPROFILE%\Application Data\PKjgABJMTC\cfgi"