Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'YZ84L' = 'C://Windows//System32//YZ84.exe'
- <SYSTEM32>\YZ84.exe
- 'n.###t56.com':80
- n.###t56.com/log.php?b=###############
- n.###t56.com/cmd.php
- DNS ASK n.###t56.com
- ClassName: '' WindowName: 'Windows Taakbeheer'
- ClassName: '' WindowName: 'Windows Task Manager'
- ClassName: 'ConsoleWindowClass' WindowName: ''