Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\PowerManager] 'Start' = '00000002'
- %WINDIR%\svchost.exe "%TEMP%\lol2.exe"
- %TEMP%\lol2.exe
- %TEMP%\lol1.exe
- %WINDIR%\svchost.exe
- %TEMP%\lol2.exe
- %TEMP%\lol1.exe
- 'ga####hero.aiq.ru':21
- DNS ASK ga####hero.aiq.ru