Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HotKeysEngine' = 'C:\Cache\ModuleW.exe'
- '<SYSTEM32>\msiexec.exe' /V
- %TEMP%\Wingman.msi
- %TEMP%\36f74.msi
- <LS_APPDATA>\Spoon\Sandbox\Setup\1.00.0017\xsandbox.bin.__tmp__
- C:\Cache\ModuleW.exe
- <LS_APPDATA>\Spoon\Sandbox\Setup\1.00.0017\xsandbox.bin.__tmp__ в <LS_APPDATA>\Spoon\Sandbox\Setup\1.00.0017\xsandbox.bin
- 'st###.spoon.net':443
- DNS ASK st###.spoon.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'