Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'sys32' = 'c:\sys32.exe'
- C:\logger.exe
- %WINDIR%\regedit.exe /e "c:\by M-UNIT\Mail.Ru_Agent.reg" "HKEY_CURRENT_USER\Software\Mail.Ru\"
- C:\by M-UNIT\User_%USERNAME%_Comp_USER-4BB09A9C02.zip
- C:\logger.exe
- C:\sys32.exe
- C:\logger.exe
- C:\sys32.exe
- 'xx##ker.ru':80
- xx##ker.ru/file_test.php
- DNS ASK xx##ker.ru
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''