Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{PEHHV7Y5-19CT-KV8H-CVEA-2UB85EZ53Y1N}' = '"%APPDATA%\amd64_server-help-chm.ipsecpolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b...
- %APPDATA%\amd64_server-help-chm.ipsecpolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b3332d4fa9bc037f\config.json
- %APPDATA%\amd64_server-help-chm.ipsecpolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b3332d4fa9bc037f\config.json
- из <Полный путь к файлу> в %APPDATA%\amd64_server-help-chm.ipsecpolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b3332d4fa9bc037f\kbdth2.exe
- '10#.#80.48.68':21
- DNS ASK yi#.su