Technical information
- [<HKLM>\SYSTEM\ControlSet001\Services\rmmtjk] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\rmmtjk] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\ssgakp] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\ssgakp] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\ssgakp] 'ImagePath' = 'system32\drivers\ssgakp.sys'
- <SYSTEM32>\rundll32.exe "<SYSTEM32>\rmmtjk",DllUnregisterServer
- %WINDIR%\Explorer.EXE
- NtSetValueKey, handler driver: ssgakp.sys
- <SYSTEM32>\rmmtjk.dll
- <DRIVERS>\rmmtjk.sys
- <DRIVERS>\ssgakp.sys
- 'rp.#xkj.com':80
- rp.#xkj.com/tj/iiHEh6Qn74/s2q2KeHUOXmxVfPpZ8SfDISI4O+9z6ZjQSqNR+LWAOYhItldvELc0fHegFaN4RmIQuBG67ghZV3x3oBWjeEZiELgRuu4IWVeHxE5TkRhxcdf5bA+JMvsx
- DNS ASK rp.#xkj.com