Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'winserv.exe' = 'C:\ProgramData\winserv.exe'
- C:\ProgramData\winserv.exe
- C:\ProgramData\winserv.exe
- 'bu######anddaughters.co.uk':80
- bu######anddaughters.co.uk/uploads/files/KYLES8.jpg
- DNS ASK bu######anddaughters.co.uk
- ClassName: 'Indicator' WindowName: ''