Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'y?OA\ o' = '\ЀìZ)Uèq{‡h^'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'oCOE°poy' = '\ЀìZ)Uèq{‡h^'
- <SYSTEM32>\cmd.exe /c """%TEMP%\JkNLsj.bat"" "
- C:\bИiZ)Ueq{Зh^
- %TEMP%\JkNLsj.bat
- ClassName: 'Indicator' WindowName: ''