Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\svrcey] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\bootlqso] 'Start' = '00000002'
- <SYSTEM32>\bootlqso.exe
- NtQuerySystemInformation, драйвер-обработчик: svrcey.sys
- <SYSTEM32>\bootlqso.exe
- %TEMP%\temp_205531.bat
- <SYSTEM32>\stubccfx.msc
- <SYSTEM32>\000322CB.tmp
- <SYSTEM32>\00031FDD.tmp
- <SYSTEM32>\kload.nld
- <SYSTEM32>\000322CB.tmp в <DRIVERS>\svrcey.sys
- <SYSTEM32>\00031FDD.tmp в <SYSTEM32>\bootlqso.exe
- DNS ASK tr####atlant.com