Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{502AFDE2-C2D7-BA75-20CE-475859CB9240}] 'StubPath' = '<SYSTEM32>\usrv16a.exe'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\usrv16a.exe
- 'ms##.#imoo.com.tw':80
- 'ms##.#imoo.com.tw':443
- DNS ASK ms##.#imoo.com.tw