Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'a46sd64as6sd54' = '<SYSTEM32>\System32.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{529C5ED5-E4A3-2A8D-BB5B-51A125B12073}] 'StubPath' = '<SYSTEM32>\System32.exe'
- %HOMEPATH%\Templates\WsrTB.exe.exe
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\System32.exe
- %HOMEPATH%\Templates\WsrTB.exe.exe
- %HOMEPATH%\Templates\WsrTB.exe.exe
- 'ej######erver2.zapto.org':8181
- 'ej######erver1.zapto.org':8181
- 'ej#####server.zapto.org':8181
- DNS ASK ej######erver2.zapto.org
- DNS ASK ej######erver1.zapto.org
- DNS ASK ej#####server.zapto.org