Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'DarkCometRAT' = 'C:\test\microsoft.exe'
- 'C:\test\microsoft.exe'
- '%TEMP%\KeyGen Starcraft.exe'
- '%TEMP%\hack.exe'
- C:\test\microsoft.exe
- %TEMP%\KeyGen Starcraft.exe
- %TEMP%\hack.exe
- C:\test\microsoft.exe
- 'any':6000
- 'dr#####ack.no-ip.info':6000
- DNS ASK dr#####ack.no-ip.info
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'