Technical information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%WINDIR%\nesster.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '<SYSTEM32>\nester.exe'
- %WINDIR%\nesster.exe
- <SYSTEM32>\nester.exe
- 'co#####les.zapto.org':80
- co#####les.zapto.org/catalogos.php
- DNS ASK co#####les.zapto.org