Техническая информация
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'spoolsvsd.exe' = '%WINDIR%\spoolsvsd.exe'
- %WINDIR%\spoolsvsd.exe
- %WINDIR%\spoolsvsd.exe
- 'ip##8.com':80
- 'ip##8.com':443
- '66##.vip':19898
- http://www.ip##8.com/
- http://20##.ip138.com/
- 'ip##8.com':443
- DNS ASK 66##.vip
- DNS ASK ip##8.com
- DNS ASK 20##.ip138.com