Техническая информация
- [<HKLM>\SYSTEM\CONTROLSET003\Services\egaspy] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\egaspy] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\egaspy] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k egaspy
- <SYSTEM32>\ubhvgk.exe
- <SYSTEM32>\0003005a.sys
- '16#.#54.133.189':8181