Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\IPRIP] 'Start' = '00000002'
- <SYSTEM32>\sc.exe start iprip 'cmd /k whoami' 1
- <SYSTEM32>\rundll32.exe ieakui32.dll,RundllInstall IPRIP
- <SYSTEM32>\ieakui32.dll
- 'or#.#ooo.com':2120
- DNS ASK or#.#ooo.com