Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Nationalbww] 'Start' = '00000002'
- 'C:\ЅєЕёЕ©·ЎЗБЖ®.exe'
- 'C:\Broodwar.exe'
- '<SYSTEM32>\ggiogq.exe'
- 'C:\Server.exe'
- 'C:\ЅєЕёЕ©·ЎЗБЖ®+јіёнј.exe'
- '<SYSTEM32>\notepad.exe' C:\[ЎЪІА АРѕоБЦјјїд]ёі№цБЇ »зїлјіёнј.txt
- C:\ЅєЕёЕ©·ЎЗБЖ®.exe
- C:\[ЎЪІА АРѕоБЦјјїд]ёі№цБЇ »зїлјіёнј.txt
- C:\Broodwar.exe
- C:\Server.exe
- C:\ЅєЕёЕ©·ЎЗБЖ®+јіёнј.exe
- <SYSTEM32>\ggiogq.exe
- 'wi####34.codns.com':1234
- DNS ASK wi####34.codns.com
- ClassName: 'Shell_TrayWnd' WindowName: ''