Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'AppDomain' = '"%APPDATA%\AppDomain.exe"'
- '%APPDATA%\AppDomain.exe'
- %TEMP%\nsf5.tmp
- %TEMP%\nsg6.tmp\MPkDmkrjtnrNS
- %TEMP%\nsg6.tmp\bbTKkVhkDx.dll
- %APPDATA%\AppDomain.exe
- %TEMP%\nst2.tmp
- %TEMP%\nsc3.tmp\MPkDmkrjtnrNS
- %TEMP%\nsc3.tmp\bbTKkVhkDx.dll
- %TEMP%\nsg6.tmp\bbTKkVhkDx.dll
- %TEMP%\nsc3.tmp\bbTKkVhkDx.dll
- 'to####ps7.ddns.net':8888
- DNS ASK to####ps7.ddns.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'