Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Controller' = '%WINDIR%\Controller.exe'
- %WINDIR%\Controller.exe
- %WINDIR%\Controller.exe
- %WINDIR%\Controller.exe
- %TEMP%\~DFA280.tmp
- 'ho####62.cafe24.com':80
- 'ru##r.me':80
- 'uf##e.wo.tc':80
- ho####62.cafe24.com/bot3/UID.txt
- ho####62.cafe24.com/bot3/IP.txt
- uf##e.wo.tc/etc/Info.txt
- ru##r.me/Pop/Text/Info2.txt
- DNS ASK ru##r.me
- DNS ASK ho####62.cafe24.com
- DNS ASK uf##e.wo.tc
- '<IP-адрес в локальной сети>':1036