Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{2BB5BAA6-2C06-893C-0600-050807020807}] 'StubPath' = '<SYSTEM32>\conpr.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\resdr32] 'Start' = '00000001'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\conpr.exe
- %APPDATA%\resdr32.sys
- <DRIVERS>\resdr32.sys
- %APPDATA%\resdr32.sys в <DRIVERS>\resdr32.sys
- 'co####53ll.kmip.net':8000
- 'jt####cn01.3322.org':8000
- 'jh####.meibu.com':8000
- DNS ASK co####53ll.kmip.net
- DNS ASK jt####cn01.3322.org
- DNS ASK jh####.meibu.com