Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'bifit_agent' = '%APPDATA%\BIFIT_A\agent.exe'
- %WINDIR%\syswow64\svchost.exe
- %WINDIR%\explorer.exe
- %APPDATA%\bifit_a\agent.exe
- %APPDATA%\bifit_a\javassist.jar
- %APPDATA%\bifit_a\bifit_agent.jar
- %APPDATA%\bifit_a\all.policy
- %APPDATA%\bifit_a\bifit_a.cfg
- '5.###.188.15':80
- DNS ASK ya.ru
- DNS ASK google.com
- '%APPDATA%\bifit_a\agent.exe'
- '%WINDIR%\syswow64\svchost.exe'