Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{VBND2E-OPIER-KHFGEYU-KDJEUE2}' = '%APPDATA%\sma\sma.exe'
- '<SYSTEM32>\notepad.exe'
- %WINDIR%\Explorer.EXE
- 'sa####400.no-ip.biz':1167
- DNS ASK sa####400.no-ip.biz
- ClassName: 'Indicator' WindowName: ''