Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'java' = '<SYSTEM32>\isass.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{5B01BADE-7A5B-9661-8A33-7BAB401A834D}] 'StubPath' = '<SYSTEM32>\isass.exe'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\isass.exe
- 'sa####ad.zapto.org':1081
- DNS ASK sa####ad.zapto.org