Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WindowsHost' = '%APPDATA%\WinHost\svchost.exe'
- '%APPDATA%\WinHost\svchost.exe'
- '<SYSTEM32>\svchost.exe'
- %WINDIR%\Explorer.EXE
- %APPDATA%\WinHost\svchost.exe
- 'df###34342.net':80
- 'z3###7cgt2.net':80
- 'zx###23ks4.net':80
- 'xc###4k342.net':80
- 'dk###23ds2.net':80
- 'as###hjsd3.net':80
- 'ds###2ueve.net':80
- 'dh###4sd22.net':80
- 'sd###3ksd1.net':80
- df###34342.net/script.php
- z3###7cgt2.net/script.php
- zx###23ks4.net/script.php
- xc###4k342.net/script.php
- dk###23ds2.net/script.php
- as###hjsd3.net/script.php
- ds###2ueve.net/script.php
- dh###4sd22.net/script.php
- sd###3ksd1.net/script.php
- DNS ASK df###34342.net
- DNS ASK z3###7cgt2.net
- DNS ASK zx###23ks4.net
- DNS ASK xc###4k342.net
- DNS ASK dk###23ds2.net
- DNS ASK as###hjsd3.net
- DNS ASK ds###2ueve.net
- DNS ASK dh###4sd22.net
- DNS ASK sd###3ksd1.net
- ClassName: 'Indicator' WindowName: ''