Техническая информация
- [<HKLM>\SYSTEM\ControlSet003\Services\hnjhpe] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\ynjhpeca] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\hnjhpe] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\hnjhpe] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k hnjhpe
- NtQueryDirectoryFile, драйвер-обработчик: hnjhpe.sys
- NtDeviceIoControlFile, драйвер-обработчик: hnjhpe.sys
- <DRIVERS>\hnjhpe.sys
- <SYSTEM32>\hnjhpe.dll
- DNS ASK sf####612.3322.org