Техническая информация
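- [<HKLM>\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls] 'okeaggrj' = '<SYSTEM32>\btgygjo.dll' (библиотеки, указанные в AppCertDlls, загружаются в каждый процесс, вызывающий CreateProcess и родственные функции; появление нового параметра в этом ключе стоит отслеживать независимо от его имени)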
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'okeaggrj' = '"%ALLUSERSPROFILE%\Application Data\okeaggrj.exe"' (ключ Run обеспечивает автозапуск указанного файла при входе пользователя в систему)
- '%ALLUSERSPROFILE%\Application Data\okeaggrj.exe' /sd 2844
- %WINDIR%\Explorer.EXE
- chrome.exe
- <SYSTEM32>\btgygjo.dll
- %ALLUSERSPROFILE%\Application Data\okeaggrj.exe
- ClassName: 'Indicator' WindowName: '(null)'