Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'RegistryMonitor1' = '<SYSTEM32>\qtplugin.exe'
- <SYSTEM32>\qtplugin.exe
- 'ho##ail.com':25
- '67.##5.160.76':25
- '21#.#0.127.65':80
- '21#.#0.115.139':80
- 21#.#0.115.139/
- 21#.#0.127.65/
- DNS ASK Dn#####icIpConfig.com
- DNS ASK f.##.#ail.yahoo.com
- DNS ASK ho##ail.com
- ClassName: 'Shell_TrayWnd' WindowName: ''