Техническая информация
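- Автозапуск (запись в ключе реестра Run): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Updater' = '%APPDATA%\folder\xxx.exe' — имя параметра похоже на название системного компонента, но путь ведёт в профиль пользователя (%APPDATA%), что полезно учитывать при проверке автозагрузки.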
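- Файлы (заголовки подразделов в этой копии утрачены; повторяющиеся пути, по-видимому, относятся к разным подразделам — какое действие выполняется с каждым файлом, здесь не указано):
- %APPDATA%\folder\xminer.exe
- %TEMP%\aut1.tmp
- %APPDATA%\folder\xxx.exe
- %TEMP%\aut1.tmp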
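- Сетевая активность (часть имени узла скрыта символами #####, поэтому строки ниже не являются полным индикатором):
- Подключение к узлу: 'ha#####rld.freeiz.com':80
- Запрос по адресу: ha#####rld.freeiz.com/me2.php
- DNS-запрос (DNS ASK): ha#####rld.freeiz.com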
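- Окно: ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows; какое действие выполняется с окном, в этой копии не указано)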