Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\远程管理] 'Start' = '00000002'
- '%TEMP%\3693.exe'
- <SYSTEM32>\soft.ini
- %TEMP%\soft.ini
- %TEMP%\3693.exe
- %TEMP%\3693.exe
- %TEMP%\soft.ini
- 'wx####sg.3322.org':6688
- DNS ASK wx####sg.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Microsoft Remote Assistance Service7069'