Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '89F62615' = '%APPDATA%\89F62615\bin.exe'
- '%WINDIR%\explorer.exe'
- <SYSTEM32>\cscript.exe
- %APPDATA%\89F62615\bin.exe
- %APPDATA%\89F62615\log.dat
- 'qe###kcrwghi.pw':80
- http://qe###kcrwghi.pw/F9ZyuoSHhJ/
- DNS ASK qe###kcrwghi.pw
- ClassName: 'Indicator' WindowName: ''