Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\MediaCenter] 'Start' = '00000002'
- 'C:\SSM.exe'
- 'C:\protected.exe'
- '<SYSTEM32>\svchost.exe' -k krnlsrvc
- %TEMP%\128546_Ojie.xml
- C:\protected.exe
- C:\SSM.exe
- <SYSTEM32>\Premlng.src
- C:\protected.exe
- %TEMP%\128546_Ojie.xml в <SYSTEM32>\Premlng.src
- 'ma####7.mireene.com':80
- ma####7.mireene.com/ip.txt
- DNS ASK ma####7.mireene.com
- ClassName: 'Shell_TrayWnd' WindowName: ''