Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Host Generic Process] 'Start' = '00000002'
- <DRIVERS>\svchost.exe
- %TEMP%\build.exe
- %TEMP%\PRCR-Bot.exe
- <DRIVERS>\svchost.exe
- C:\Documents and Settings\LocalService\Local Settings\Application Data\sLT.exf
- %TEMP%\PRCR-Bot.exe
- %TEMP%\build.exe
- 'e2.##te90.com':80
- e2.##te90.com/
- DNS ASK e2.##te90.com
- ClassName: 'Shell_TrayWnd' WindowName: ''