Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'eeffc8f27fed2dfd2d4661b710b7ca2b' = '"%APPDATA%\sevice.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'eeffc8f27fed2dfd2d4661b710b7ca2b' = '"%APPDATA%\sevice.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\eeffc8f27fed2dfd2d4661b710b7ca2b.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%APPDATA%\sevice.exe' = '%APPDATA%\sevice.exe:*:Enabled:sevice.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%APPDATA%\sevice.exe" "sevice.exe" ENABLE
- '%APPDATA%\sevice.exe'
- %APPDATA%\sevice.exe
- 'no####6.hopto.org':1177
- DNS ASK no####6.hopto.org