Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'e33b6346924ed50479357af7b47872ae' = '"%TEMP%\Download Manager.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'e33b6346924ed50479357af7b47872ae' = '"%TEMP%\Download Manager.exe" ..'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\Download Manager.exe' = '%TEMP%\Download Manager.exe:*:Enabled:Download Manager.exe'
- '%TEMP%\Download Manager.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\Download Manager.exe" "Download Manager.exe" ENABLE
- %TEMP%\Download Manager.exe
- 'xx###.###vecounterstrike.com':1172
- DNS ASK xx###.###vecounterstrike.com
- ClassName: 'Indicator' WindowName: '(null)'