Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'strFree' = 'rundll32.exe "%HOMEPATH%\Microsoft\strFree.dll", CreLcfAchF'
- <SYSTEM32>\calc.exe
- <SYSTEM32>\rundll32.exe "%HOMEPATH%\Microsoft\strFree.dll", CreLcfAchF
- %HOMEPATH%\Microsoft\strFree.dll
- 'jo##.#kra76561.net':80
- jo##.#kra76561.net/pic/pic1.txt
- DNS ASK jo##.#kra76561.net
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'NSKVjbkdsf87ty&*D^78f6*^Dg%XD^&SDfiugfyadsg(*&(*W#kjhdfg!@##O0!@#AFAFO0!@#18' WindowName: 'SDfdfgi7Sfyd678^SD&*gfgf&*SE^8gfdfygfd&*S%^d7gf&*gf678dfgdfh*W^&%*(shgdfg&635&W(*$tyudfg*&#$SFKhIUYASE#'
- ClassName: 'OPSDigfdjg*&S^adsfvmbjJSGdf&*S^asddafgiuaydfg788&S%^D*#&*^*&WQ^%874dgfdg*(^*SDG!!@#O0!@#18' WindowName: 'dfgz897sdfg98ydfug*(S^&Dgf8dfhgkjdfghkdfghdfk*ASYr578dghsdfg$5t4!ra@erreaEBV0AFAF!@#O0!@#18b'