Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ghijkl Nopqrstu Wxy] 'Start' = '00000002'
- '%WINDIR%\atieclg.exe'
- '<SYSTEM32>\cmd.exe' /c afc9fe2f418b00a0.bat
- <Текущая директория>\afc9fe2f418b00a0.bat
- %WINDIR%\atieclg.exe
- 'www.ai###gji.com':8897
- '10#####982.f3322.org':9999
- '95###1.iego.cn':9999
- '95###1.wicp.net':9999
- DNS ASK www.ai###gji.com
- DNS ASK 10#####982.f3322.org
- DNS ASK 95###1.wicp.net
- DNS ASK 95###1.iego.cn
- DNS ASK bu#.##gongji.com