Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Audio Driver' = '"<SYSTEM32>\audiohd.exe"'
- скрытых файлов
- %CommonProgramFiles%\WUDHost.exe
- <SYSTEM32>\audiohd.exe
- %CommonProgramFiles%\WUDHost.exe
- <SYSTEM32>\audiohd.exe
- %CommonProgramFiles%\WUDHost.exe
- <SYSTEM32>\audiohd.exe
- 'sh###ybot.com':80
- sh###ybot.com/Webpanel/gate.php
- DNS ASK sh###ybot.com