Technical information
- [<HKLM>\System\CurrentControlSet\Services\D1C3NqKnH] 'ImagePath' = '%WINDIR%\D1C3NqKnH.sys'
- [<HKLM>\System\CurrentControlSet\Services\D1C3NqKnH] 'Start' = '00000001'
- Changes the DNS server to '114.114.114.114'
- Changes the DNS server to '<DNS_SERVER>'
- %WINDIR%\d1c3nqknh.sys
- <DRIVERS>\uzv1pxvq.sys