Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'D719ItL36ffSWp12jL' = '%APPDATA%\Q6503a8H5n4a9wc9\XF1nrZxyfmao.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'D719ItL36ffSWp12' = '%APPDATA%\Q6503a8H5n4a9wc9\0Idi47A2ZOnJ.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\crss.exe" "crss.exe" ENABLE
- '%TEMP%\crss.exe'
- %APPDATA%\Q6503a8H5n4a9wc9\XF1nrZxyfmao.exe
- %TEMP%\crss.exe
- %APPDATA%\Q6503a8H5n4a9wc9\0Idi47A2ZOnJ.exe
- %APPDATA%\Q6503a8H5n4a9wc9\XF1nrZxyfmao.exe
- %APPDATA%\Q6503a8H5n4a9wc9\0Idi47A2ZOnJ.exe