Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'sysDrvHandler' = '%APPDATA%\drvhandler.exe'
- '%APPDATA%\Sdat.exe'
- %APPDATA%\drvhandler.exe
- %APPDATA%\Sdat.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''