Техническая информация
- 'C:\Extracted\el buenoooo.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen C:\Extracted\images.jpeg
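- ClassName: 'pediy06' WindowName: '(null)'
- ClassName: 'GBDYLLO' WindowName: '(null)'
- ClassName: 'OLLYDBG' WindowName: '(null)'
  (Примечание: 'OLLYDBG' — класс главного окна отладчика OllyDbg, а 'GBDYLLO' — та же строка, записанная в обратном порядке; 'pediy06', по-видимому, относится к модифицированной сборке OllyDbg. Поиск окон с такими классами — типичный признак проверки на наличие отладчика, поэтому поведение образца под отладчиком может отличаться от поведения на обычной системе.)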
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-2052111302-484763869-725345543-1003\a49e2717d3c2d358c0a8b3b1724ab6c9_23ef5514-3059-436f-a4a7-4cefaab20eb1
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\Preferred
- %HOMEPATH%\Recent\Extracted.lnk
- %HOMEPATH%\Recent\images.lnk
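- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\299c06e8-6128-4f69-8833-1c3e5896b1c9
  (Примечание: каталоги Microsoft\Crypto\RSA и Microsoft\Protect — это пользовательские хранилища ключей CryptoAPI и мастер-ключей DPAPI. SID и идентификаторы в этих путях относятся к учётной записи среды анализа, поэтому на других системах они будут иными и в качестве индикаторов компрометации малопригодны.)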
- C:\Extracted\el buenoooo.exe
- %TEMP%\sfx.ini
- C:\Extracted\images.jpeg
- %TEMP%\sfx.ini
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: '(null)'