Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\lucServer] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\lucServer] 'ImagePath' = '%CommonProgramFiles(x86)%\uyaoye.exe'
- %CommonProgramFiles(x86)%\uyaoye.exe
- 'cl####.yaap.co.uk':54
- DNS ASK cl####.yaap.co.uk
- '%CommonProgramFiles(x86)%\uyaoye.exe'