Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'loadmxf.exe' = '%WINDIR%\TEMP\loadmxf.exe'
- %WINDIR%\Temp\loadmxf.exe
- C:\OATH.EXE
- %TEMP%\23025311.tmp
- C:\PEI.TMP
- C:\OATH.EXE
- C:\PEI.TMP
- 'f4####8.3322.org':2008
- DNS ASK f4####8.3322.org
- ClassName: 'Afx:400000:0' WindowName: ''
- ClassName: 'Indicator' WindowName: ''