Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'system32' = '<SYSTEM32>\systeme2.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{82C39693-BC15-550D-1E5B-D49D0FBC5C02}] 'StubPath' = '<SYSTEM32>\systeme2.exe'
- <SYSTEM32>\systeme2.exe
- 'ca####na.no-ip.biz':3460
- DNS ASK ca####na.no-ip.biz