Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svchost' = '<Полный путь к вирусу>'
- <SYSTEM32>\wbem\Performance\WmiApRpl_new.ini
- '18#.#0.123.111':62038
- '18#.#0.123.111':23454
- '18#.#0.123.87':38499
- '18#.#0.123.111':58183
- '18#.#0.123.111':59020
- '18#.#0.123.111':32516
- '18#.#0.123.111':6046
- '18#.#0.123.111':51062
- ClassName: 'Indicator' WindowName: ''