Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Taskman' = '%APPDATA%\sylwpx.exe'
- %WINDIR%\Explorer.EXE
- %APPDATA%\sylwpx.exe
- %APPDATA%\sylwpx.exe
- DNS ASK bf##.7oorq8.com
- DNS ASK bf#.#oorq8.com
- 'bf##.7oorq8.com':8008
- 'bf#.#oorq8.com':8008
- ClassName: 'Progman' WindowName: ''