Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe] 'Debugger' = '<SYSTEM32>\feelgood.exe'
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\b47ba4aaf4ec251c654c457c
- <SYSTEM32>\e36a339a73d6b40a443af46b2.dll
- <SYSTEM32>\feelgood.exe
- '11#.#1.173.12':5330