Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'msiujfjgsha' = '%CommonProgramFiles%\imea.exe s'
- <SYSTEM32>\svchost.exe
- %CommonProgramFiles%\imea.exe
- %TEMP%\1.tmp
- '61.##0.228.138':80
- 'td#####es.freeddns.com':443
- 'td#####es.freeddns.com':80
- 'mi#######office.3utilities.com':443
- 'mi#######office.3utilities.com':80
- '61.##0.228.138':443
- td#####es.freeddns.com/View?id################
- 61.##0.228.138/View?id################
- mi#######office.3utilities.com/View?id################
- DNS ASK td#####es.freeddns.com
- DNS ASK mi#######office.3utilities.com
- '<IP-адрес в локальной сети>':1033
- ClassName: 'Indicator' WindowName: ''