Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'suliges' = 'Rundll32.exe "<SYSTEM32>\rapeput.dll" s'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'LoadAppInit_DLLs' = '00000001'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = '<SYSTEM32>\rapeput.dll'
- '<SYSTEM32>\rundll32.exe' "<SYSTEM32>\rapeput.dll" s
- <SYSTEM32>\rapeput.dll
- 'my####rnetcmd.com':80
- http://my####rnetcmd.com/cb/exe_in_db.php?ui##################################################
- DNS ASK my####rnetcmd.com