Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '"%TEMP%\0001d9e0.com"'
- <SYSTEM32>\svchost.exe
- %TEMP%\0001d9e0.com
- 'mu###tbass.com':80
- '8.#.8.8':53
- '8.#.4.4':53
- mu###tbass.com/panel/stat3.php
- DNS ASK mu###tbass.com