Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Hijklm Opqrstuv Xya] 'Start' = '00000002'
- '<SYSTEM32>\rundll32.exe' %TEMP%\\2424180.dll,Install
- '<SYSTEM32>\svchost.exe' -k "Hijklm Opqrstuv Xya"
- %WINDIR%\208736.dll
- %WINDIR%\203299.dll
- %TEMP%\2424180.dll
- 'localhost':811
- '18#.#01.37.103':811