Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WuLiuInfo' = '<SYSTEM32>\GetWuliuMon.exe'
- '<SYSTEM32>\GetWuliuMon.exe'
- <SYSTEM32>\GetWuLiuHook.dll
- <SYSTEM32>\GetWuliuMon.exe
- 'yt##.ali114.net':20001
- DNS ASK yt##.ali114.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ThunderRT6FormDC' WindowName: ''