Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'G3USSNET' = '\SBZGM4SNET\RISPNSNET.exe'
- C:\06068887.IMH
- 'www.4s##red.com':80
- 'localhost':1041
- 'to####wnloads.com':80
- www.4s##red.com/download/kluRskguba/DPR007.zip
- to####wnloads.com/CST/notify.php
- DNS ASK www.4s##red.com
- DNS ASK to####wnloads.com
- ClassName: '' WindowName: 'GINA Logon'