Техническая информация
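- [<HKLM>\SYSTEM\ControlSet001\Services\ctl2sec] 'ImagePath' = '<SYSTEM32>\rundll32.exe vordisa.dll,v1b2a3v4oo'
- [<HKLM>\SYSTEM\ControlSet001\Services\ctl2sec] 'Start' = '00000002'
  (Эти два параметра описывают службу ctl2sec: значение 'Start' = 2 означает автоматический запуск при загрузке системы, а 'ImagePath' указывает, что служба запускает экспорт v1b2a3v4oo из vordisa.dll через rundll32.exe. При проверке системы стоит искать службу, у которой ImagePath ссылается на rundll32.exe с этой библиотекой.)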
- <DRIVERS>\secdrv.sys
- <DRIVERS>\secdrv.sys
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\vordisa.dll
- %TEMP%\asdfsaf.sys.sys
- %TEMP%\asdfsaf.sys
- <SYSTEM32>\vordisa.dll
- %TEMP%\asdfsaf.sys
- %TEMP%\asdfsaf.sys.sys
- <DRIVERS>\secdrv.sys