Техническая информация
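Параметры служб в реестре (значение 'Start' = '00000002' означает автоматический запуск службы при загрузке системы; имя службы «¦Ы?ҐН¦Ё», по-видимому, отображено в искажённой кодировке, поэтому буквальный поиск по этой строке ненадёжен):
- [<HKLM>\SYSTEM\ControlSet003\Services\¦Ы?ҐН¦Ё] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\ydghfdxn] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\¦Ы?ҐН¦Ё] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\¦Ы?ҐН¦Ё] 'Start' = '00000002'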
- '%WINDIR%\game.exe'
- '%WINDIR%\mumaa.exe'
- '%WINDIR%\game.sfx.exe'
- '<SYSTEM32>\svchost.exe' -k ¦Ы?ҐН¦Ё
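Системные функции и драйвер, указанный как их обработчик (судя по формулировке «драйвер-обработчик», речь идёт о перехвате этих функций; перехват NtQueryDirectoryFile обычно применяется для сокрытия файлов из списков каталогов, поэтому наличие перечисленных ниже файлов надёжнее проверять с заведомо чистого носителя):
- NtQueryDirectoryFile, драйвер-обработчик: gnjnnm.sys
- NtDeviceIoControlFile, драйвер-обработчик: gnjnnm.sys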
- <SYSTEM32>\gnjnnm.dll
- <DRIVERS>\gnjnnm.sys
- %WINDIR%\game.exe
- %WINDIR%\game.sfx.exe
- %WINDIR%\mumaa.exe
- <SYSTEM32>\0003f7e7.ini
- %WINDIR%\mumaa.exe
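Сетевой адрес и порт (часть цифр адреса заменена в публикации символами «#», поэтому для блокировки или поиска по журналам полный адрес нужно брать из первоисточника, а не из этой строки):
- '14#.#19.164.74':54321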
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''