Техническая информация
- [<HKLM>\software\Wow6432Node\microsoft\windows\CurrentVersion\Run] 'ÎÒµÄÆô¶¯Ïî' = '%WINDIR%\shouqan.exe'
- C:\ГЄГєГЁВЁГўГ«.txt
- %WINDIR%\shouqan.exe
- C:\ГЄГєГЁВЁГўГ«.txt
- %WINDIR%\shouqan.exe
- '11#.#5.134.61':85
- 'ba##u.com':80
- 'ba##u.com':443
- http://11#.##.134.61:85/houzi.txt via 11#.#5.134.61
- http://www.ba##u.com/
- 'ba##u.com':443
- DNS ASK ba##u.com