Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'XwrphdG' = 'C:\Arquivos de programas\SdgbihT\YvsytkF\XwrphdG.exe -Start'
- <SYSTEM32>\notepad.exe
- %TEMP%\80EB2F5C
- 'dl.##opbox.com':80
- dl.##opbox.com/u/78571101/index.html
- DNS ASK dl.##opbox.com
- ClassName: 'Indicator' WindowName: ''