Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'jkgfdhdH' = '<SYSTEM32>:WinData.bat'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{9F904496-5DE6-4369-7DDC-A969BE6128E4}] 'StubPath' = '<SYSTEM32>:WinData.bat'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>:WinData.bat
- 'mt#.##blicvm.com':3466
- DNS ASK mt#.##blicvm.com
- ClassName: 'ConsoleWindowClass' WindowName: ''