Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{0W0X6AWC-W505-L5UA-CD2M-P1J08WA31J1U}] 'StubPath' = '"%APPDATA%\MyVideo.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'any' = '%APPDATA%\MyVideo.exe'
- %APPDATA%\MyVideo.exe \melt "<Полный путь к вирусу>"
- <SYSTEM32>\svchost.exe "%APPDATA%\MyVideo.exe"
- %APPDATA%\log.dat
- %APPDATA%\MyVideo.exe
- 'localhost':1604
- 'su##.zapto.org':1604
- DNS ASK su##.zapto.org
- ClassName: 'Indicator' WindowName: ''