Technical information
- %WINDIR%\explorer.exe
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyServer' = ''
- ClassName: 'ProgMan' WindowName: ''
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- '<SYSTEM32>\ipconfig.exe' /flushdns (with hidden window)
- '<SYSTEM32>\upnpcont.exe'
- '<SYSTEM32>\wbem\wmiprvse.exe'
- '<SYSTEM32>\ipconfig.exe' /flushdns