Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'reliance' = '%HOMEPATH%\Start Menu\Programs\reliance.exe'
- %HOMEPATH%\Start Menu\Programs\reliance.exe ONCE
- <SYSTEM32>\cmd.exe /c ""%TEMP%\reliance.bat" "
- %TEMP%\reliance.bat
- %HOMEPATH%\Start Menu\Programs\reliance.exe
- 'au######on.whatismyip.com':80
- au######on.whatismyip.com/n09230945.asp
- DNS ASK au######on.whatismyip.com
- ClassName: 'Indicator' WindowName: ''