Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HotKeysEngine' = 'C:\Cache\ModuleW.exe'
- '<LS_APPDATA>\Spoon\Sandbox\Setup\1.00.0022\local\stubexe\0x4DFA8844AD9ECE8D\Setup.exe'
- C:\Cache\ModuleW.exe
- <LS_APPDATA>\Spoon\Sandbox\Setup\1.00.0022\xsandbox.bin.__tmp__
- %TEMP%\SPOON\CACHE\0xDDF92E1520758D1B\sxs\Manifests\Setup.exe_0x90d863eafcea382c58eb0ac454c6ed86.1.manifest.__tmp__ в %TEMP%\SPOON\CACHE\0xDDF92E1520758D1B\sxs\Manifests\Setup.exe_0x90d863eafcea382c58eb0ac454c6ed86.1.manifest
- <LS_APPDATA>\Spoon\Sandbox\Setup\1.00.0022\local\stubexe\0x4DFA8844AD9ECE8D\Setup.exe.__tmp__ в <LS_APPDATA>\Spoon\Sandbox\Setup\1.00.0022\local\stubexe\0x4DFA8844AD9ECE8D\Setup.exe
- <LS_APPDATA>\Spoon\Sandbox\Setup\1.00.0022\xsandbox.bin.__tmp__ в <LS_APPDATA>\Spoon\Sandbox\Setup\1.00.0022\xsandbox.bin
- 'st###.spoon.net':443
- DNS ASK st###.spoon.net