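Техническая информация
Примечание: подзаголовки разделов в этом списке, по-видимому, утрачены при извлечении текста. Судя по содержимому, записи идут в таком порядке: параметры реестра для автозапуска (ветки Run и Active Setup), запускаемые процессы и командные строки, пути к файлам, сетевой адрес с портом и классы окон. Повтор %TEMP%\s.exe, вероятно, объясняется тем, что файл упомянут в двух разных разделах.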
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'sysdire' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'syscon' = ''
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{1K44FR5T-M86S-18H3-U571-WN5LUA3IGK32}] 'StubPath' = '<SYSTEM32>\Coffin Of Evil.exe Restart'
- %TEMP%\s.exe
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %TEMP%\ert.bmp
- <SYSTEM32>\Coffin Of Evil.exe
- <SYSTEM32>\plugin.dat
- %TEMP%\s.exe
- %TEMP%\ert.bmp
- 'localhost':288
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''