Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SYSTEM' = 'intall.exe'
- <SYSTEM32>\taskkill.exe /f /t /im RSTray.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ip[1].txt
- <SYSTEM32>\install.exe
- 'ha####ou.ucoz.com':80
- ha####ou.ucoz.com/ip.txt
- DNS ASK ha####ou.ucoz.com
- ClassName: '' WindowName: ''