Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MSIME' = '<SYSTEM32>:mscime.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{5F1C2C8F-4706-8D8E-5097-353517C7D788}] 'StubPath' = '<SYSTEM32>:mscime.exe'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>:mscime.exe
- 'do######path.ftpserver.biz':80
- 'do######path.ftpserver.biz':443
- DNS ASK do######path.ftpserver.biz
- '<IP-адрес в локальной сети>':1034