Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] '{596e4935-4d3b-4a3c-842d-2efd1b3de598}' = 'hundi'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\pjgerka.dll,windows
- %TEMP%\br1.exe
- <SYSTEM32>\pjgerka.dll
- %TEMP%\br1.exe
- 'www.ke###omir2.biz':80
- www.ke###omir2.biz/get.php?pa#########
- DNS ASK www.ke###omir2.biz
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'