Техническая информация
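- [<HKLM>\SYSTEM\ControlSet001\Services\Зэ¶Ї] 'Start' = '00000002' (значение 2 — автоматический запуск службы; имя службы состоит из не-ASCII-символов и, по-видимому, показано в неверной кодировке, поэтому при поиске надёжнее опираться на параметр binPath службы и значение 'Start', а не на отображаемое имя)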
- C:\helpen.exe
- C:\server.exe
- <SYSTEM32>\sc.exe Create "Зэ¶Ї" binPath= "cmd /c start C:\helpen" type= own type= interact start= auto
- <SYSTEM32>\ping.exe -n 6 127.0.0.1
- <SYSTEM32>\cmd.exe /c %TEMP%\xytp.bat
- C:\xy.ini
- %TEMP%\xytp.bat
- C:\helpen.exe
- C:\server.exe
- C:\wmxd.ini
- C:\server.exe
- 'sh#####ngluo.3322.org':6688 (порт 6688; символы ##### — по-видимому, скрытая в отчёте часть имени узла)
- DNS ASK sh#####ngluo.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''