Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<File name> Start' = '<Full path to file>'
- Handler for all processes: <PATH_SAMPLE>.01
- <PATH_SAMPLE>.02
- \\Device\\HarddiskVolume1\\Documents and Settings\\All Users\\Start Menu\\Programs\\\u0410rdam\u0430x K\u0435ylogger 4.8\\\u0410rdam\u0430x K\u0435ylogger 4.8.lnk
- \\Device\\HarddiskVolume1\\Muldrop\\\u0410sebn\u0430y K\u0435zmphhfs 4.8.mol_0
- <PATH_SAMPLE>.01
- %ALLUSERSPROFILE%\Application Data\<File name>\<File name>.004