Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'Start' = '00000002'
- %TEMP%\Zuma.exe
- <SYSTEM32>\Zumaa.exe
- <SYSTEM32>\winshel.dll
- %WINDIR%\Temp\~tmp4b6e085c.old
- <SYSTEM32>\Zumaa.exe
- %TEMP%\Zuma.exe
- <SYSTEM32>\Zumaa.exe
- 'wi###.#hinasblog.com.cn':8098
- DNS ASK ns#.#322.net
- DNS ASK ns#.#ray.net
- DNS ASK ns#.#hina.com
- DNS ASK wi###.#hinasblog.com.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''