Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'qq' = '%WINDIR%:wwwwww.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{DC859B0E-8307-0A39-07CC-8316FAEAB236}] 'StubPath' = '%WINDIR%:wwwwww.exe'
- %ALLUSERSPROFILE%\Application Data\DYA_PTKWPGFQBNVSEFRGF\1.0.0:$SS_DESCRIPTOR_SBXNV9VVGV1BFLKGTJBH4760WPL6YTGN0JDF4KGFSVF7VBCVP4GV
- %ALLUSERSPROFILE%\Desktop:$SS_DESCRIPTOR_SBXNV9VVGV1BFLKGTJBH4760WPL6YTGN0JDF4KGFSVF7VBCVP4GV
- %WINDIR%:wwwwww.exe
- %ALLUSERSPROFILE%\Application Data\DYA_PTKWPGFQBNVSEFRGF\1.0.0\Data\app.dat
- %ALLUSERSPROFILE%\Application Data\DYA_PTKWPGFQBNVSEFRGF\1.0.0\Data\updates.dat
- %APPDATA%\DYA_PTKWPGFQBNVSEFRGF\1.0.0\Data\dya.dat
- 'localhost':3460