Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft KeyGen' = 'C:\Temp\MicrosoftUpdate.exe'
- C:\Temp\MicrosoftUpdate.exe
- 'ta###astan.com':80
- 'wp#d':80
- wp#d/wpad.dat
- ta###astan.com/heb/.v1/1nf3/index.php
- DNS ASK ta###astan.com
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: ''