Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\UpdateNf] 'Startup' = 'WinlogonStartupEvent'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\UpdateNf] 'DllName' = 'updatenf.dll'
- <SYSTEM32>\raidmg.dll
- <SYSTEM32>\api.dat
- <SYSTEM32>\api32.dll
- <SYSTEM32>\updatenf.dll
- 'an##aws.com':80
- '74.##5.232.51':80
- an##aws.com/bootstrap/skulls.php?ne################################
- DNS ASK an##aws.com
- DNS ASK www.google.com
- ClassName: 'Shell_TrayWnd' WindowName: ''