Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WindowsUpdate' = '%WINDIR%\Temp\taskmng.exe'
- '%WINDIR%\Temp\taskmng.exe'
- %WINDIR%\Temp\taskmng.exe
- '74.##5.232.51':443
- 'ne###.loi0n8o0.com':6697
- 'wp#d':80
- '45.#2.39.19':80
- http://45.#2.39.19/convert.php?ar########################
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK ne###.loi0n8o0.com
- DNS ASK si###.google.com
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: ''