Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\xiezuuge] 'Start' = '00000002'
- <SYSTEM32>\wwmiwy.exe
- %WINDIR%\Temp\SE2.tmp
- <SYSTEM32>\wwmiwy.exe
- %TEMP%\SE1.tmp
- %WINDIR%\Temp\SE2.tmp
- %TEMP%\SE1.tmp
- 'ba####ys.gicp.net':8080
- DNS ASK ba####ys.gicp.net