Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Control\SecurityProviders] 'SecurityProviders' = 'msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, AyyomhucCuml.dll'
- <SYSTEM32>\rundll32.exe "<SYSTEM32>\AyyomhucCuml.dll",EntryPoint
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\AyyomhucCuml.dll
- '67.##5.160.76':25
- DNS ASK YA##O.Com
- DNS ASK go###mahen.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''