Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Network COMM] 'Start' = '00000002'
- <SYSTEM32>\alshmgr.exe
- <SYSTEM32>\cmd.exe /c %TEMP%\\DF345re.bat
- <SYSTEM32>\lsass.exe
- %TEMP%\DF345re.bat
- <SYSTEM32>\Tasktty.dll
- <SYSTEM32>\uidmngr.ini
- <SYSTEM32>\config.txt
- <SYSTEM32>\alshmgr.exe
- %TEMP%\DF345re.bat
- 'uf####8.wlyf.org':80
- DNS ASK uf####8.wlyf.org