Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FlashPlayarPlugins' = '"%ALLUSERSPROFILE%\Application Data\FlashPlayerPlugin_8b982aa3_88e6680f.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '*FleshPlayarPlugins' = '"%ALLUSERSPROFILE%\Application Data\FlashPlayerPlugin_8b982aa3_88e6680f.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FlashPlayerPlugins' = '"<Полный путь к файлу>"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '*FlashPlayersPlugin' = '"<Полный путь к файлу>"'
- %ALLUSERSPROFILE%\Documents\# HELP_DECRYPT_YOUR_FILES #.TXT
- %ALLUSERSPROFILE%\Desktop\# HELP_DECRYPT_YOUR_FILES #.TXT
- %ALLUSERSPROFILE%\Documents\My Music\My Playlists\# HELP_DECRYPT_YOUR_FILES #.TXT
- %ALLUSERSPROFILE%\Documents\My Music\# HELP_DECRYPT_YOUR_FILES #.TXT
- <Текущая директория>\# HELP_DECRYPT_YOUR_FILES #.TXT
- %ALLUSERSPROFILE%\Application Data\FlashPlayerPlugin_8b982aa3_88e6680f.exe
- %ALLUSERSPROFILE%\# HELP_DECRYPT_YOUR_FILES #.TXT
- C:\Documents and Settings\# HELP_DECRYPT_YOUR_FILES #.TXT
- '18#.#53.197.66':80
- '74.##5.232.51':80
- http://18#.#53.197.66/check_pgp_key.html
- DNS ASK google.com