Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'run' = 'c:\iyyjttmvs\start.lnk'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\start.lnk
- 'C:\iyyjttmvs\csrss.exe' "c:\iyyjttmvs\mydll.dll",InitSkin
- C:\iyyjttmvs\start.lnk
- C:\iyyjttmvs\csrss.exe
- C:\iyyjttmvs\mydll.dll
- 'any':8086
- 'v2.#6yf.com':8086
- 'us##.#zone.qq.com':80
- '98.##6.0.218':805
- '98.##6.0.219':3201
- us##.#zone.qq.com/2838067011
- DNS ASK v2.#6yf.com
- DNS ASK us##.#zone.qq.com