Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'kejogad' = 'Rundll32.exe "<SYSTEM32>\punawuw.dll" s'
- <SYSTEM32>\rundll32.exe "<SYSTEM32>\punawuw.dll" s
- <SYSTEM32>\punawuw.dll
- 'my###reak.com':80
- my###reak.com/cb/exe_in_db.php?ui##################################################
- DNS ASK my###reak.com