Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\myservice] 'Start' = '00000002'
- <SYSTEM32>\myservice.exe /service
- <SYSTEM32>\RCX1.tmp
- <SYSTEM32>\myservice.exe
- <SYSTEM32>\myservice.exe
- 'se##er2.com':12345
- 'www.se##er1.com':80
- www.se##er1.com/downloader/comm.php?us####################
- www.se##er1.com/downloader/newuser.php
- DNS ASK se##er2.com
- DNS ASK www.se##er1.com
- '<IP-адрес в локальной сети>':1035