Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ACFE0209' = '%WINDIR%\ACFE0209\svchsot.exe'
- %WINDIR%\Tasks\At4.job
- %WINDIR%\Tasks\At5.job
- %WINDIR%\Tasks\At3.job
- %WINDIR%\Tasks\At1.job
- %WINDIR%\Tasks\At2.job
- '<SYSTEM32>\UnpackHan\RunZhun.exe'
- '<SYSTEM32>\net1.exe' start "Task Scheduler"
- %WINDIR%\ACFE0209\svchsot.exe
- <SYSTEM32>\UnpackHan\RunZhun.exe
- %TEMP%\nsx2.tmp
- 'localhost':2012
- 'www.rk###kffk.net':7777
- DNS ASK www.rk###kffk.net