Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'tyuak' = 'rundll32.exe "%TEMP%\tyuak\tyuak.dll",DllRegisterServer'
- '<SYSTEM32>\rundll32.exe' "%TEMP%\tyuak\tyuak.dll",DllRegisterServer
- %TEMP%\tyuak\tyuak.dll
- %TEMP%\nsu2.tmp
- '10#.#06.163.136':80
- 10#.#06.163.136/blablabla?ya#######
- '23#.#55.255.250':1900
- ClassName: 'Indicator' WindowName: '(null)'