Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MSUPD32' = '%APPDATA%\wuaclt.exe'
- %APPDATA%\wuaclt.exe
- %APPDATA%\wuaclt.exe
- 'pi####es.wasson.com':443
- 'pi######.happyforever.com':8080
- 'pi######.happyforever.com':443
- 'gr#####g.hopewill.com':8080
- 'gr#####g.hopewill.com':443
- 'pi####es.wasson.com':8080
- DNS ASK pi######.happyforever.com
- DNS ASK pi####es.wasson.com
- DNS ASK gr#####g.hopewill.com
- ClassName: 'Indicator' WindowName: ''