Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows' = '%TEMP%\TgL1ZiL1.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{36A5A0DB-297E-FDE2-0501-060104070800}] 'StubPath' = '%TEMP%\TgL1ZiL1.exe'
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\index[1].php
- 'up####-softing.com':80
- up####-softing.com/index.php?id#################################################################################
- DNS ASK up####-softing.com
- ClassName: 'Indicator' WindowName: '(null)'