Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\GrayPigeon_Hacker.com.cn] 'Start' = '00000002'
- '%TEMP%\№эЧўІб.exe'
- '%WINDIR%\Hacker.com.cn.exe'
- '%TEMP%\Load2.exe'
- 'C:\Load2.exe'
- 'C:\server.exe'
- %TEMP%\№эЧўІб.exe
- %WINDIR%\Hacker.com.cn.exe
- %TEMP%\Load2.exe
- C:\Load2.exe
- C:\server.exe
- %WINDIR%\Hacker.com.cn.exe
- C:\server.exe в killmdx
- 'www.we###ngkeji.com':80
- 'zl#####0917.f3322.org':2013
- www.we###ngkeji.com/ip.txt
- DNS ASK www.we###ngkeji.com
- DNS ASK zl#####0917.f3322.org
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'