Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '731d03397a55ffde8e92f01cfb162665' = '"%TEMP%\Window.exe" ..'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '731d03397a55ffde8e92f01cfb162665' = '"%TEMP%\Window.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '%TEMP%\oAtUjgBR.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '%TEMP%\UeVWzUdU.exe'
- '%TEMP%\Window.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\Window.exe" "Window.exe" ENABLE
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /f /v "" /t REG_SZ /d "%TEMP%\UeVWzUdU.exe
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /f /v "" /t REG_SZ /d "%TEMP%\oAtUjgBR.exe
- %TEMP%\UeVWzUdU.exe
- %TEMP%\Window.exe
- %TEMP%\oAtUjgBR.exe
- 'localhost':5552
- ClassName: 'Indicator' WindowName: ''