Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows' = '%TEMP%\cmd.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'side' = '%HOMEPATH%\Templates\side.exe'
- '%TEMP%\cmd.exe'
- %TEMP%\cmd.exe
- %HOMEPATH%\Templates\side.exe
- %TEMP%\cmd.exe
- %TEMP%\cmd.exe
- 'bt####.no-ip.info':666
- DNS ASK bt####.no-ip.info
- ClassName: 'Indicator' WindowName: '(null)'