Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%WINDIR%\idiecx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '<SYSTEM32>\Rl92o.exe'
- %WINDIR%\idiecx.exe
- <SYSTEM32>\Rl92o.exe
- 'www.he####osyaipen.info':80
- www.he####osyaipen.info/socios/datos.php
- DNS ASK www.he####osyaipen.info
- '<IP-адрес в локальной сети>':1036