Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MSUPD32' = '%WINDIR%\wuaclt.exe'
- %WINDIR%\wuaclt.exe
- %TEMP%\1.tmp
- %WINDIR%\wuaclt.exe
- %TEMP%\1.tmp
- 'tw###.crabdance.com':443
- 'as##.#trangled.net':80
- 'as##.#trangled.net':443
- 'tw.##atnook.com':80
- 'tw.##atnook.com':443
- 'tw###.crabdance.com':80
- as##.#trangled.net/0000/a147531.asp
- tw###.crabdance.com/0000/a143171.asp
- tw.##atnook.com/0000/a126171.asp
- DNS ASK as##.#trangled.net
- DNS ASK tw###.crabdance.com
- DNS ASK tw.##atnook.com
- ClassName: 'Indicator' WindowName: ''