Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '<SYSTEM32>\sk\ctfmon.exe' = '<SYSTEM32>\sk\ctfmon.exe'
- '<SYSTEM32>\sk\ctfmon.exe'
- <SYSTEM32>\sk\ctfmon.exe
- <SYSTEM32>\sk\ctfmon.exe
- 'bl####now.esy.es':80
- 'wp#d':80
- bl####now.esy.es/BS/File.txt
- bl####now.esy.es/BS/Version.txt
- wp#d/wpad.dat
- DNS ASK bl####now.esy.es
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''