Техническая информация
- %WINDIR%\Tasks\DM_Install_Program.job
- [<HKLM>\SYSTEM\ControlSet001\Services\SampleService] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\101228.exe' = '%TEMP%\101228.exe:*:Enabled:DM'
- '%WINDIR%\NTService.exe' /i
- '%TEMP%\101228.exe'
- '%TEMP%\set16.exe'
- %WINDIR%\Delrixing.bat
- %WINDIR%\Delskynet.bat
- %WINDIR%\Temp\mssoak.exe
- %WINDIR%\NTSVC.ocx
- %TEMP%\set16.exe
- %TEMP%\101228.exe
- %WINDIR%\NTService.exe
- 'dm##.dmcast.com':80
- dm##.dmcast.com/setup/iebar.exe
- DNS ASK dm##.dmcast.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'