Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'TcpIpCfg' = 'Rundll32 "%APPDATA%\ohnanfl.dll" MainThread'
- '<SYSTEM32>\rundll32.exe' "%APPDATA%\ohnanfl.dll" MainThread
- %APPDATA%\ohnanfl.dll
- 'www.pp##u.com':80
- www.pp##u.com/mail.asp?MA############
- DNS ASK www.pp##u.com
- ClassName: 'Indicator' WindowName: '(null)'