Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ceeuvy walewa] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SVKP] 'Start' = '00000002'
- '%PROGRAM_FILES%\Rujwgas ujwye\Geweeaxf.exe'
- '<SYSTEM32>\wscript.exe' "C:\6768.vbs"
- C:\6768.vbs
- %PROGRAM_FILES%\Rujwgas ujwye\Geweeaxf.exe
- <SYSTEM32>\SVKP.sys
- C:\6768.vbs
- 'www.1v##6.tk':1070
- DNS ASK www.1v##6.tk