Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svchost.exe' = '%HOMEPATH%\「开始」菜单\程序\启动\svcho.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svchost.exe' = '%HOMEPATH%\「开始」菜单\程序\启动\svchost.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'seriver' = '<Текущая директория>\svchost.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'Run' = '%HOMEPATH%\「开始」菜单\程序\启动\svchost.exe'
- [<HKLM>\SYSTEM\ControlSet001\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Policies\Explorer] 'Run' = '%HOMEPATH%\「开始」菜单\程序\启动\svcho.exe'
- [<HKLM>\SYSTEM\ControlSet001\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Policies\Explorer] 'Run' = '%HOMEPATH%\「开始」菜单\程序\启动\svchost.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'Run' = '%HOMEPATH%\「开始」菜单\程序\启动\svcho.exe'
- <SYSTEM32>\net1.exe localgroup %USERNAME%s hackdark$ /add (вероятно, группа «Administrators»: имя пользователя в отчёте заменено на %USERNAME%)
- <SYSTEM32>\net1.exe user hackdark$ daode /add
- 'www.33##.org':80
- 'sm##.qq.com':25
- www.33##.org/dyndns/getip
- DNS ASK www.33##.org
- DNS ASK sm##.qq.com
- '<IP-адрес в локальной сети>':1037
- ClassName: 'Indicator' WindowName: ''