Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AOf??‰’uO' = '\HîÆ%¥Þ#6'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '4O?\? Y‰' = '\HîÆ%¥Þ#6'
- <SYSTEM32>\cmd.exe /c """%TEMP%\DSRUXHzg.bat"" "
- C:\Hi62eн#6
- %TEMP%\DSRUXHzg.bat
- ClassName: 'Indicator' WindowName: ''