Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Project1' = '%APPDATA%\hrjchv\Project1.exe'
- '%TEMP%\Svchost.exe'
- '%TEMP%\RarSFX0\tjqwvY.exe' "hRJchV"
- %APPDATA%\hrjchv\uybITS.txt
- %APPDATA%\hrjchv\hRJchV
- %TEMP%\Svchost.exe
- %APPDATA%\hrjchv\tjqwvY.exe
- %APPDATA%\hrjchv\1.txt
- %APPDATA%\hrjchv\2.txt
- %APPDATA%\hrjchv\skype.exe
- %APPDATA%\hrjchv\Project1.exe
- %TEMP%\RarSFX0\tjqwvY.exe
- %TEMP%\RarSFX0\igTNFo.exe
- %TEMP%\RarSFX0\hRJchV
- %TEMP%\RarSFX0\uybITS.txt
- %TEMP%\igTNFo.exe
- %TEMP%\hRJchV
- %TEMP%\uybITS.txt
- %TEMP%\tjqwvY.exe
- %TEMP%\RarSFX0\tjqwvY.exe
- %TEMP%\RarSFX0\uybITS.txt
- %TEMP%\RarSFX0\hRJchV
- %TEMP%\RarSFX0\igTNFo.exe
- 'localhost':1337
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''