Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'lsass.exe' = '"%TEMP%\lsass.exe"'
- %WINDIR%\NOTEPAD.EXE
- <SYSTEM32>\svchost.exe
- %TEMP%\lsass.exe
- '4g######ain.dyndns-free.com':1604
- DNS ASK 4g######ain.dyndns-free.com
- ClassName: 'Indicator' WindowName: ''