Техническая информация
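- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'http' = '%TEMP%\service.exe' (параметр в ключе автозапуска Run: указанный файл запускается при входе этого пользователя в систему)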
- '%TEMP%\service.exe' service tmpO7BI
- '<Текущая директория>\test.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\_uninsep.bat" "
- '<SYSTEM32>\cmd.exe' /c <Текущая директория>\$$Windows$$.bat
- %TEMP%\service.exe
- <Текущая директория>\$$Windows$$.bat
- <Текущая директория>\test.exe
- %TEMP%\_uninsep.bat
- <Текущая директория>\test.exe
- %TEMP%\service.exe в %TEMP%\service.exe
- '45.#6.51.52':7500 (адрес и порт; один символ адреса в тексте заменён на '#', поэтому как индикатор запись неполная)
- ClassName: 'REALGAME_CANVAS' WindowName: '게임 클라이언트'
- ClassName: 'CXG_WNDCLASS' WindowName: ''
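- ClassName: 'REALGAME_CANVAS' WindowName: '?? ?????' (символы заголовка окна не отображаются; по длине строка совпадает с '게임 클라이언트' — возможно, это тот же заголовок в другой кодировке)
- ClassName: 'POKER_CANVAS' WindowName: '?? ?????' (символы заголовка окна не отображаются; по длине строка совпадает с '게임 클라이언트' — возможно, это тот же заголовок в другой кодировке)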
- ClassName: 'POKER_CANVAS' WindowName: '게임 클라이언트'