Technical information
- [<HKLM>\SYSTEM\ControlSet001\Services\Svc_System0] 'Start' = '00000002'
- C:\sus\syst.exe
- C:\sus\svcnoct.exe -service
- C:\sus\svcnoct.exe
- C:\sus\ssleay32.dll
- %TEMP%\VMS3.tmp
- C:\sus\syst.exe
- %TEMP%\VMS4.tmp
- C:\sus\libeay32.dll
- %TEMP%\VMS1.tmp
- C:\sus\Bin_.zip
- %TEMP%\VMS2.tmp
- C:\sus\svcnoct.exe
- C:\sus\syst.exe
- C:\sus\svcnoct.exe
- %TEMP%\VMS3.tmp
- %TEMP%\VMS4.tmp
- %TEMP%\VMS1.tmp
- %TEMP%\VMS2.tmp
- 'ky##ask.ru':80
- ky##ask.ru/Proxy/config.txt
- ky##ask.ru/Proxy/ips.php
- DNS ASK ky##ask.ru