Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SetUp' = 'rundll32.exe "%APPDATA%\tempf.jpg",_server9'
- '<SYSTEM32>\rundll32.exe' "%APPDATA%\tempf.jpg",_server9
- %APPDATA%\tempf.jpg
- 'ho###200.com.br':80
- 'localhost':1036
- http://ho###200.com.br/martin/file0193.rar
- DNS ASK ho###200.com.br
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''