Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '%HOMEPATH%\ServiceProfiles\logagent.exe'
- iexplore.exe
- %HOMEPATH%\serviceprofiles\logagent.exe
- %APPDATA%\remcos\logs.dat
- DNS ASK re####auto.ddns.net
- DNS ASK re####auto.dynu.net
- DNS ASK su####878.ddns.net
- DNS ASK su####878.dynu.net
- '%ProgramFiles(x86)%\internet explorer\iexplore.exe'