Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{2E65FD32-FC7C-B064-4B05-F9E960E09E47}] 'stubpath' = ''
- %WINDIR%\Explorer.EXE
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE
- <SYSTEM32>\system\rundll32.exe
- <Полный путь к вирусу>-up.txt
- <SYSTEM32>\system\rundll32.exe
- 'sy#####011.hopto.org':81
- DNS ASK sy#####011.hopto.org