Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Services] 'Start' = '00000002'
- '%WINDIR%\alg.exe' /service
- '<SYSTEM32>\cmd.exe' /c <Текущая директория>\$$a1183$$.bat
- <Текущая директория>\$$a1183$$.bat
- %WINDIR%\alg.exe
- '12#####53.go1.icpcn.com':80
- 12#####53.go1.icpcn.com/ip.txt
- DNS ASK 12#####53.go1.icpcn.com