Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\$RemoteServer] 'Start' = '00000002'
- <SYSTEM32>\RemoteServer.exe
- <SYSTEM32>\B_Server.dll
- %TEMP%\~url.ocx
- <SYSTEM32>\RemoteServer.exe
- <SYSTEM32>\systempz.ini
- <SYSTEM32>\RemoteServer.exe
- %TEMP%\~url.ocx
- 'ya###s.8866.org':8080
- DNS ASK ya###s.8866.org