Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SystemReconf' = '%ALLUSERSPROFILE%\application data\sysreconf.exe'
- %ALLUSERSPROFILE%\Application Data\sysreconf.exe
- %ALLUSERSPROFILE%\Application Data\2Y7N9Ax0Pc1Bxa6UOCQ5HsIt68fPwA91D4Wn4h5fkmg731ND
- %ALLUSERSPROFILE%\Application Data\u190Dn5i3FJ6f111f3a87pftV1KI0FQ3qd37Hh3CuNGo3s0K
- %ALLUSERSPROFILE%\Application Data\sysreconf.exe
- %ALLUSERSPROFILE%\Application Data\2Y7N9Ax0Pc1Bxa6UOCQ5HsIt68fPwA91D4Wn4h5fkmg731ND
- %ALLUSERSPROFILE%\Application Data\u190Dn5i3FJ6f111f3a87pftV1KI0FQ3qd37Hh3CuNGo3s0K
- 'lo#.###uidbackdoor.com':80
- 'ft#.###uidbackdoor.com':21
- DNS ASK lo#.###uidbackdoor.com
- DNS ASK ft#.###uidbackdoor.com
- ClassName: 'Indicator' WindowName: ''