Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%WINDIR%\system\winsma32.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Defender' = '%WINDIR%\system\winsma32.exe'
- '%WINDIR%\system\winsma32.exe'
- %WINDIR%\system\winsma32.exe
- %WINDIR%\system\winsma32.exe
- '28############888fca74c785bd6cf5.bongoplayers.com':6979
- DNS ASK 28############888fca74c785bd6cf5.bongoplayers.com