Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Service Helper' = '%APPDATA%\SystemHelper\svchost.exe'
- '<SYSTEM32>\attrib.exe' +S +H "%APPDATA%\SystemHelper" /D /S
- %APPDATA%\SystemHelper\svchost.exe
- 'wo#######b.chickenkiller.com':80
- wo#######b.chickenkiller.com/ingodwetrust.html
- DNS ASK wo#######b.chickenkiller.com
- ClassName: 'Indicator' WindowName: '(null)'