Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'mdlrrvpf' = '"<LS_APPDATA>\frgjrsar.exe"'
- '<SYSTEM32>\svchost.exe'
- <LS_APPDATA>\frgjrsar.exe
- '46.##5.192.139':8080
- '17#.#1.99.160':8080
- '67.##7.132.127':443
- '92.##0.237.66':443
- '94.##.42.161':443
- DNS ASK dn#.##ftncsi.com
- ClassName: 'Indicator' WindowName: '(null)'