内核级后门代码.它插入Explorer.exe服务启动，并且恢复sst过主动拦截防御。使用了内核驱动程序，bindshell后门功能，以及下载者功能。-Kernel-level backdoor code it into the Explorer.exe service starts, and restore their own initiative to intercept sst defense. Using a kernel driver, bindshell backdoor funct