Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SampleService] 'Start' = '00000002'
- <SYSTEM32>\Ssam.exe
- <SYSTEM32>\Ssan.exe
- %WINDIR%\winh.exe
- %WINDIR%\anjo.exe
- <SYSTEM32>\Ssan.exe
- <SYSTEM32>\Ssam.exe
- %WINDIR%\winh.exe
- %WINDIR%\winp.exe
- %WINDIR%\anjo.exe
- 'localhost':1037
- 'tu###bzin.com':80
- tu###bzin.com/site/home
- DNS ASK tu###bzin.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''