Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SQ Platform' = '%TEMP%\services_c_3003.exe ?(?3?)? ?,??????'
- '%TEMP%\services_c_3003.exe'
- %HOMEPATH%\Desktop\Лж±гїґїґ.lnk
- %TEMP%\services_c_3003.exe
- 'k3.##kudown.com':5555
- 'k2.##kudown.com':5555
- 'k5.##kudown.com':5555
- 'k4.##kudown.com':5555
- 'co###.2881.com':80
- 'si######gwbk.blog.163.com':80
- 'k1.##kudown.com':5555
- 'k.###udown.com':5555
- co###.2881.com/count/count.asp?id#################
- si######gwbk.blog.163.com/
- DNS ASK k3.##kudown.com
- DNS ASK k2.##kudown.com
- DNS ASK k5.##kudown.com
- DNS ASK k4.##kudown.com
- DNS ASK co###.2881.com
- DNS ASK si######gwbk.blog.163.com
- DNS ASK k1.##kudown.com
- DNS ASK k.###udown.com
- ClassName: 'Shell_TrayWnd' WindowName: ''