Техническая информация
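- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%WINDIR%\orno10.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '<SYSTEM32>\D3j3nr0b4r.exe'
  (Параметр 'load' в этом ключе задаёт программу, которую Windows запускает при входе пользователя в систему; изменение этого значения стоит проверять как признак закрепления через автозапуск.)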
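- 'la###remios.in':80
- la###remios.in/ganzo/server.php
- DNS ASK la###remios.in (DNS-запрос имени)
  (Имя домена на странице приведено не полностью: символы ### заменяют часть имени, поэтому для поиска в журналах DNS и прокси нужен шаблон, а не точное совпадение.)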
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)
- ClassName: '' WindowName: ''