Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'RNJEU' = 'regsvr32.exe /s "%APPDATA%\img.jpg" #uk56tjnfghjhg'
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\img.jpg" #uk56tjnfghjhg
- %APPDATA%\CRNJEUFUc.jpg
- %APPDATA%\img.jpg
- %APPDATA%\id
- '20#.#8.200.22':80
- 20#.#8.200.22/printm10/infx/s1/conta.php?ch################################################################################################
- 20#.#8.200.22/printm10/pr15.html
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''