Техническая информация
- [<HKLM>\SOFTWARE\Classes\easyanticheat\shell\open\command] '' = '<Полный путь к вирусу> -server "%1"'
- %TEMP%\qtmeoj
- %TEMP%\meayln
- %TEMP%\phqghu
- <SYSTEM32>\PerfStringBackup.TMP
- 'sa####.#asyanticheat.net':50300
- 'ea####ticheat.net':80
- 'mi###.#asyanticheat.net':50300
- 'ci###.#asyanticheat.net':50300
- 'ka###.#asyanticheat.net':50300
- ea####ticheat.net/get_clientinfo.php
- DNS ASK sa####.#asyanticheat.net
- DNS ASK ea####ticheat.net
- DNS ASK mi###.#asyanticheat.net
- DNS ASK ci###.#asyanticheat.net
- DNS ASK ka###.#asyanticheat.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'