Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Client' = '%APPDATA%\windows defender.exe'
- %APPDATA%\microsoft\windows\start menu\programs\startup\windows defend.exe
- %APPDATA%\windows defender.exe
- 'fa####u.myq-see.com':3333
- DNS ASK fa####u.myq-see.com
- '%APPDATA%\windows defender.exe'