Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Taskman' = '%APPDATA%\gwngy.exe'
- %WINDIR%\Explorer.EXE
- %APPDATA%\gwngy.exe
- %APPDATA%\gwngy.exe
- DNS ASK ap#.##uestick03.com
- DNS ASK se####.svrhost.cn
- 'ap#.##uestick03.com':8010
- 'se####.svrhost.cn':8010
- ClassName: 'Progman' WindowName: ''