Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Windows CPU-Call (RPC)] 'Start' = '00000002'
- '%WINDIR%\atiecls.exe'
- %WINDIR%\atiecls.exe
- 'www.ai###gji.com':8896
- 'localhost':2100
- 'vi###.wicp.net':2101
- DNS ASK www.ai###gji.com
- DNS ASK bu#.##gongji.com
- DNS ASK vi###.wicp.net