Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\diantz] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\diantz] 'ImagePath' = '"%WINDIR%\SysWOW64\diantz\diantz.exe"'
- 'diantz' "%WINDIR%\SysWOW64\diantz\diantz.exe"
- 'diantz' %WINDIR%\SysWOW64\diantz\diantz.exe
- из <Полный путь к файлу> в %WINDIR%\syswow64\diantz\diantz.exe
- '19#.#3.161.218':80
- '19#.#7.94.108':443
- http://19#.##.94.108:443/PgwBsN6z90eiNNQEvgG/cdZCemzrzuNVP6/tUe4xItBuY5Sq0IA1/wDuae7/xPMMFlWTr/eiABCyBHvwhxowsnp/ via 19#.#7.94.108