Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{F70254F4-6910-80E3-2F3A-70C3DF0C92FE}' = '%APPDATA%\{6B127CC4-4120-1CF3-2F3A-70C3DF0C92FE}\c6adac5b.exe'
- %WINDIR%\Tasks\{F70254F4-6910-80E3-2F3A-70C3DF0C92FE}.job
- '<SYSTEM32>\svchost.exe'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\svchost.exe
- %APPDATA%\{6B127CC4-4120-1CF3-2F3A-70C3DF0C92FE}\c6adac5b.exe