Техническая информация
- [<HKLM>\SYSTEM\ControlSet003\Services\bffb] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet002\Services\bffb] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\bffb] 'Start' = '00000001'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\be5bd36b197819ec3bffda0933a86000.bat
- <SYSTEM32>\bffb.sys
- %TEMP%\be5bd36b197819ec3bffda0933a86000.bat
- '20#.#52.161.139':7022