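Техническая информация
Заголовки подразделов в этой копии страницы не сохранились. Первые две записи — значения в ключе автозапуска HKCU\Software\Microsoft\Windows\CurrentVersion\Run ('woiug9w8heg' и 'Java12'), которые указывают на пути внутри %APPDATA%; значение 'Java12' совпадает с тем, которое задаёт приведённая ниже команда reg.exe ADD. Далее идут командные строки процессов (reg.exe и cmd.exe с пакетным файлом из %TEMP%) и пути к файлам в %APPDATA% и %TEMP%. Часть путей повторяется, и по этому фрагменту нельзя определить, к каким операциям (создание, изменение атрибутов, удаление) относится каждый список. Последняя строка — пара «класс окна / заголовок окна», роль которой здесь также не указана.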
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'woiug9w8heg' = '"%APPDATA%\{%USERNAME%-woiug9w8heg}\{%USERNAME%-woiug9w8heg}\Desktop.ini\woiug9w8heg"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Java12' = '%APPDATA%\Microsoft\Java12.exe'
- %APPDATA%\Microsoft\Java12.exe
- <SYSTEM32>\reg.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Java12" /t REG_SZ /d "%APPDATA%\Microsoft\Java12.exe" /f
- <SYSTEM32>\cmd.exe /c """%TEMP%\kFJIM.bat"" "
- %APPDATA%\{%USERNAME%-woiug9w8heg}\{%USERNAME%-woiug9w8heg}\Desktop.ini
- %APPDATA%\{%USERNAME%-woiug9w8heg}\{%USERNAME%-woiug9w8heg}\Winlogin.exe
- %TEMP%\kFJIM.bat
- %APPDATA%\Microsoft\Java12.exe
- %APPDATA%\{%USERNAME%-woiug9w8heg}\{%USERNAME%-woiug9w8heg}\Desktop.ini
- %APPDATA%\{%USERNAME%-woiug9w8heg}\{%USERNAME%-woiug9w8heg}\Winlogin.exe
- %TEMP%\kFJIM.bat
- ClassName: 'Indicator' WindowName: ''