Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Taskman' = 'C:\RECYCLER\S-1-5-21-4784018646-6204916910-247285772-9431\csisf.exe'
- System
- %WINDIR%\Explorer.EXE
- C:\RECYCLER\S-1-5-21-4784018646-6204916910-247285772-9431\csisf.exe
- C:\RECYCLER\S-1-5-21-4784018646-6204916910-247285772-9431\Desktop.ini
- C:\RECYCLER\S-1-5-21-4784018646-6204916910-247285772-9431\csisf.exe
- DNS ASK fo##.#avagames7.com
- 'fo##.#avagames7.com':4444