Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Services and Controller app' = '%TEMP%\services.exe'
- '%TEMP%\services.exe' [NEW]
- %TEMP%\services.exe
- %TEMP%\services.exe
- <SYSTEM32>\ctfmon.exe
- 'xg#.r00t.la':2319
- DNS ASK xg#.r00t.la
- ClassName: 'Indicator' WindowName: '(null)'