Техническая информация
- '%TEMP%\system\sochost.exe'
- '<SYSTEM32>\sc.exe' config winmgmt start= demand
- '<SYSTEM32>\cacls.exe' "%PROGRAM_FILES%\E-yoo\EyooSechelper2.dll" /e /d everyone
- '<SYSTEM32>\regsvr32.exe' /s "<SYSTEM32>\MSWINSCK.OCX"
- <SYSTEM32>\MSWINSCK.OCX
- %TEMP%\~DF18A3.TMP
- %TEMP%\system\sochost.exe
- %TEMP%\system\file.ini
- 'to####.baigou51.com':8899
- DNS ASK to####.baigou51.com