Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Run' = '"%APPDATA%\Adobe\Manager.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002'
- %APPDATA%\Adobe\Manager.exe
- %TEMP%\Launcher.exe
- %TEMP%\4.5971.exe
- 'hq###eoporn.com':80
- 'localhost':1035
- DNS ASK hq###eoporn.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'AutoHotkey' WindowName: '%TEMP%\Launcher.exe'