Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'kbrui' = '%WINDIR%\kbrui.exe'
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- %WINDIR%\kbrui.exe
- %HOMEPATH%\ntuser.nls
- 'in#####gent.andorid.net':80
- 'in#####gent.andorid.net':443
- DNS ASK in#####gent.andorid.net