Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'azx' = '<SYSTEM32>\azx.exe'
- Средство контроля пользовательских учетных записей (UAC)
- <SYSTEM32>\azxClientId.txt
- <SYSTEM32>\azx.exe
- 'bo#.####ismyipaddress.com':80
- 'az#.#dns.net':80
- 'az#.#dns.net':7979
- http://az#.#dns.net/azx/log.php?cl####################################################
- http://bo#.####ismyipaddress.com/
- http://az#.#dns.net/azx/control/110691.txt
- http://az#.#dns.net/azx/keylogger.php
- DNS ASK bo#.####ismyipaddress.com
- DNS ASK az#.#dns.net