Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Network Adapter Events] 'Start' = '00000002'
- '<SYSTEM32>\mshxsydm.exe' /service
- <SYSTEM32>\mshxsydm.exe
- 'sj#####-cbzwsvxyyfl.com':80
- '20#.#6.232.182':80
- sj#####-cbzwsvxyyfl.com/derminator/gate.php
- DNS ASK sj#####-cbzwsvxyyfl.com
- DNS ASK www.microsoft.com