Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '54rk' = ''
- <SYSTEM32>\applefalse.exe applefalse
- %WINDIR%\appledevice.exe
- %WINDIR%\applemsdesv.exe
- <SYSTEM32>\cmd.exe /c updataself.bat
- dnf.exe
- %WINDIR%\appledevice.exe
- <Текущая директория>\updataself.bat
- %WINDIR%\applemsdesv.exe
- %WINDIR%\getconfig.info
- <SYSTEM32>\applefalse.exe
- %WINDIR%\appledevice.exe
- %WINDIR%\applemsdesv.exe
- 'ks#####wbdf.webok.net':1314
- '12#.#0.108.249':667
- 'localhost':1036
- 'localhost':1038
- DNS ASK ks#####wbdf.webok.net