Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{23546314-A3T5-66HG-HJOE-64FSFR35HN42}] 'StubPath' = '<SYSTEM32>\ozz.exe'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\ozz.exe
- 'fb###.zapto.org':4386
- '20#.#6.232.182':4386
- DNS ASK fb###.zapto.org
- DNS ASK microsoft.com
- ClassName: 'shell_traywnd' WindowName: ''