Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\System Check.lnk
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\KwtuFBsMglDIzP.exe
- 'hf#####kqtxolqhmg.su':80
- http://id#####3ubrtmvm4.onion/ via hf#####kqtxolqhmg.su
- DNS ASK hf#####kqtxolqhmg.su
- ClassName: 'Shell_TrayWnd' WindowName: ''