Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Audio Service.exe' = '%APPDATA%\Microsoft\Audio Service.exe'
- %APPDATA%\Microsoft\Audio Service.exe
- %TEMP%\%tmp%.exe
- %WINDIR%\Temp\svhost.exe
- <SYSTEM32>\ping.exe 1.1.1.1 -n 1 -w 3000
- <SYSTEM32>\cmd.exe /c ""%APPDATA%\per.bat" "
- %TEMP%\%tmp%.exe
- %APPDATA%\Microsoft\Audio Service.exe
- %APPDATA%\per.bat
- %WINDIR%\Temp\svhost.exe
- %APPDATA%\Microsoft\Audio Service.exe
- %WINDIR%\Temp\svhost.exe
- %APPDATA%\Microsoft\Audio Service.exe
- 'tr#####horses.no-ip.org':82
- DNS ASK tr#####horses.no-ip.org
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''