Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Win32.crAcker.A' = '<SYSTEM32>\crAcker.exe'
- %WINDIR%\twunk_32.exe
- %WINDIR%\twain_32.dll
- %WINDIR%\vmmreg32.dll
- %WINDIR%\system\WINSPOOL.DRV
- %WINDIR%\winhlp32.exe
- %WINDIR%\TASKMAN.EXE
- %WINDIR%\NOTEPAD.EXE
- %WINDIR%\hh.exe
- %WINDIR%\regedit.exe
- %WINDIR%\sleep.exe
- %WINDIR%\sfk.exe
- C:\exc.exe
- C:\exc.exe
- <SYSTEM32>\crAcker.exe