Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AgentEXE' = '%APPDATA%\Microsoft\AgentEXE2013_FB\uploader.exe --autorun'
- '%APPDATA%\Microsoft\AgentEXE2013_FB\uploader.exe' --autorun
- %APPDATA%\Microsoft\AgentEXE2013_FB\uploader.exe
- 'http://www.hx######shgenerator.cba.pl':80
- http://www.hx######shgenerator.cba.pl/file.php?id#######################
- DNS ASK http://www.hx######shgenerator.cba.pl
- ClassName: 'Indicator' WindowName: '(null)'