Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Taskman' = '%APPDATA%\grse.exe'
- %WINDIR%\Explorer.EXE
- %APPDATA%\grse.exe
- %APPDATA%\grse.exe
- DNS ASK fd####fhdf.estr.es
- DNS ASK lo#.###gosnextel.com
- 'fd####fhdf.estr.es':7687
- 'lo#.###gosnextel.com':7687
- ClassName: 'Progman' WindowName: ''