Техническая информация
- [<HKLM>\SYSTEM\ControlSet002\Services\bffb] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\bffb] 'Start' = '00000001'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\a8698dc65ed6806be0e9b61983dce158.bat
- <SYSTEM32>\bffb.sys
- %TEMP%\a8698dc65ed6806be0e9b61983dce158.bat
- '20#.#52.248.45':10101