Техническая информация
- '%APPDATA%\Roaming\maxtoun.exe'
- '<SYSTEM32>\rundll32.exe' "<SYSTEM32>\wininet.dll",DispatchAPICall 1
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyOverride' = 'local'
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\analytics_google[1].js
- %APPDATA%\Roaming\maxtoun.exe
- 'we#####sso.hostreo.com':80
- we#####sso.hostreo.com/analytics_google.js
- DNS ASK we#####sso.hostreo.com
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: 'OleMainThreadWndClass' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'