Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Live Updater' = '%APPDATA%\app\winsock.exe'
- %APPDATA%\app\winsock.exe
- %APPDATA%\app\Set.bin
- %APPDATA%\app\winsock.exe
- 'cc#.#hclabs.net':80
- cc#.#hclabs.net/dBot/ip.php
- cc#.#hclabs.net/dBot/connect.php
- DNS ASK cc#.#hclabs.net