Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{bavcdkzj-vrjc-ggkf-leja-dxnp76lapchw}] 'stubpath' = ''
- <SYSTEM32>\assembly\injyqkarh.exe ZhuDong
- %TEMP%\117812_res.tmp
- <SYSTEM32>\assembly\injyqkarh.exe
- <SYSTEM32>\assembly\injyqkarh.exe_lang.ini
- 'ta##.#erveblog.net':3434
- DNS ASK ta##.#erveblog.net