Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'host64' = '%APPDATA%\windowscmd.exe'
- %APPDATA%\windowscmd.exe
- %APPDATA%\tmp.tmp
- 'ra####555.no-ip.org':15963
- DNS ASK ra####555.no-ip.org
- ClassName: 'Indicator' WindowName: ''