Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'DCOM Server 25319' = '{2C1CD3D7-86AC-4068-93BC-A02304B25319}'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] '{2C1CD3D7-86AC-4068-93BC-A02304B25319}' = 'DCOM Server 25319'
- <SYSTEM32>\rundll32.exe "<SYSTEM32>\jimma.dll",run
- <SYSTEM32>\jimma.dll
- '75.#26.21.2':25319