Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'data' = 'rundll32 "%HOMEPATH%\data.dll",_doNothingFunc@4'
- '<SYSTEM32>\rundll32.exe' "%HOMEPATH%\data.dll",_doNothingFunc@4
- %HOMEPATH%\data.dll
- %HOMEPATH%\data_txt
- 'bl##.araiex.org':80
- DNS ASK bl##.araiex.org
- ClassName: 'Indicator' WindowName: '(null)'