Техническая информация
- Автозапуск при входе пользователя (ключ реестра Run): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'CPU Config' = '"%TEMP%\udpconf1.exe"'
- "%TEMP%\downloaded.exe" (загружен из сети Интернет)
- <SYSTEM32>\cmd.exe /c """%TEMP%\help.bat"" "
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\mrav[1].exe
- %TEMP%\downloaded.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\mrav[1].exe
- %TEMP%\udpconf1.exe
- %TEMP%\help.bat
- %TEMP%\miner.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\mrav[1].exe
- 'localhost':1041
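- 'pi#.#eepbit.net':8332 (символы # в именах узлов, по-видимому, заменяют знаки, скрытые при публикации; 8332 — стандартный порт JSON-RPC Bitcoin)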
- 'localhost':1039
- 'ra###share.com':80
- ra###share.com/files/151421258/mrav.exe
- DNS-запрос: pi#.#eepbit.net
- DNS-запрос: ra###share.com
- ClassName: 'Indicator' WindowName: ''