Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\UpdateNf] 'Startup' = 'WinlogonStartupEvent'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\UpdateNf] 'DllName' = 'updatenf.dll'
- <SYSTEM32>\raidmg.dll
- <SYSTEM32>\api.dat
- <SYSTEM32>\kbdatat4.dll
- <SYSTEM32>\api32.dll
- <SYSTEM32>\updatenf.dll
- '74.##5.232.51':80
- DNS ASK gr###galitz.com
- DNS ASK gw#.eod.cc
- DNS ASK www.google.com
- DNS ASK an##aws.com