Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '<Полный путь к файлу>'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '%PROGRAMDATA%\WindowsApps\dasHost.exe'
- %PROGRAMDATA%\windowsapps\dashost.exe
- %PROGRAMDATA%\windowsapps\dashost.exe
- 'ya###.csgoblock.com':80
- 'localhost':80
- 'ca#.##eedns.tech':80
- 'ca#.##goblock.com':80
- http://ca#.##eedns.tech/order.php
- DNS ASK ya###.csgoblock.com
- DNS ASK su####-smiles.com
- DNS ASK ca#.##eedns.tech
- DNS ASK ca#.##curedns.site
- DNS ASK al####hu.mooo.com
- DNS ASK ca#.##nydns.space
- DNS ASK ca#.##nydns.tech
- DNS ASK ca#.#inydns.xyz
- DNS ASK ca#.##goblock.com
- '%PROGRAMDATA%\windowsapps\dashost.exe'