Техническая информация
- Автозапуск через ключ реестра Run текущего пользователя: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{50B2E490-FF49-F40F-AD92-B643CAB56C9F}' = '%APPDATA%\Uvelit\quid.exe'
- '%APPDATA%\Uvelit\quid.exe'
- '%APPDATA%\Uvelit\quid.exe'
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\tmp_dfc4b9e2.bat"
- <SYSTEM32>\cmd.exe
- ClassName: 'OLLYDBG', WindowName: '' (класс окна отладчика OllyDbg; по-видимому, проверка на наличие средств анализа)
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\g[1].htm
- %TEMP%\tmp_dfc4b9e2.bat
- %APPDATA%\Uvelit\quid.exe
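- 'iy######vbbhetoo.onion.pw':80 (сетевое соединение, порт 80; символы # — по-видимому, часть имени узла, скрытая в источнике, поэтому точное сопоставление по этому индикатору невозможно)
- DNS ASK iy######vbbhetoo.onion.pw (DNS-запрос того же замаскированного имени)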
Имена классов окон отладчиков (по-видимому, образец ищет эти окна, чтобы обнаружить средства анализа):
- ClassName: 'Rock Debugger' WindowName: ''
- ClassName: 'ObsidianGUI' WindowName: ''
- ClassName: 'Zeta Debugger' WindowName: ''
- ClassName: 'WinDbgFrameClass' WindowName: ''
- ClassName: 'Immunity Debugger' WindowName: ''