Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\TTProtect] 'ImagePath' = '%TEMP%\slnlaxkruz.sys'
- '<SYSTEM32>\taskkill.exe' /f /pid 2844
- %TEMP%\slnlaxkruz.sys
- %WINDIR%\TTProtect.ini
- <ANALYSETOOLS_DIR>\LoadLib\3<LOADLIB.EXE>
- %TEMP%\slnlaxkruz.sys
- %TEMP%\slnlaxkruz.sys
- ClassName: '' WindowName: ''
- ClassName: '' WindowName: '¶аНжDNFєРЧУ УГ»§РнїЙРТй'
- ClassName: '' WindowName: '????DNF???? ????????????'