Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'c6c3f43fc43f35e3d62290dda7697c9c' = '"%APPDATA%\dlhost.exe" ..'
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Run] 'c6c3f43fc43f35e3d62290dda7697c9c' = '"%APPDATA%\dlhost.exe" ..'
- %APPDATA%\microsoft\windows\start menu\programs\startup\c6c3f43fc43f35e3d62290dda7697c9c.exe
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%APPDATA%\dlhost.exe" "dlhost.exe" ENABLE
- %APPDATA%\dlhost.exe
- 'ku#####kteam3.no-ip.org':2008
- DNS ASK ku#####kteam3.no-ip.org
- '%APPDATA%\dlhost.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%APPDATA%\dlhost.exe" "dlhost.exe" ENABLE' (со скрытым окном)