Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{A9260CCB-B2B6-7B3B-D778-C92DBC5AEE18}] 'StubPath' = '<SYSTEM32>\server.exe'
- %TEMP%\sexy.exe
- %TEMP%\mgt.exe
- ClassName: 'pediy06' WindowName: ''
- ClassName: 'GBDYLLO' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''
- <SYSTEM32>\server.exe
- %TEMP%\sexy.exe
- %TEMP%\mgt.exe
- 'to#####anoo.no-ip.biz':500
- 'to#####anoo.no-ip.biz':445
- 'to#####anoo.no-ip.biz':25
- 'to#####anoo.no-ip.biz':8080
- DNS ASK to#####anoo.no-ip.biz