Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows_update_part2' = '<SYSTEM32>\casino_extensions.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows_update_part1' = '<SYSTEM32>\casino_extensions.exe'
- '<SYSTEM32>\casino_extensions.exe' /part2
- '<SYSTEM32>\casino_extensions.exe' /part1
- <SYSTEM32>\casino_extensions.exe
- <SYSTEM32>\casino_extensions.exe в <SYSTEM32>\Winlog885.exe
- <SYSTEM32>\casino_extensions.exe в <SYSTEM32>\Syn610ujj.exe
- 'ft#.#arod.ru':21
- 'ft#.#xtra.hu':21
- DNS ASK ft#.#arod.ru
- DNS ASK ft#.#xtra.hu