Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Server' = '<LS_APPDATA>\server.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{EDED39F4-F7EB-4BAA-9B53-304C7F1FEC17}] 'StubPath' = '<LS_APPDATA>\server.exe'
- '<LS_APPDATA>\server.exe'
- '<SYSTEM32>\cmd.exe' /c ""<LS_APPDATA>\melt.bat" "
- ClassName: 'OLLYDBG' WindowName: '(null)'
- <LS_APPDATA>\melt.bat
- <LS_APPDATA>\server.exe
- 'localhost':6622
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'