Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{R1T57O01-7718-4OL6-313L-24JX6P88Y6X7}] 'StubPath' = '%WINDIR%\Windows Direction\svchostexe Restart'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HKCU' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HKLM' = ''
- %APPDATA%\Server.exe
- %APPDATA%\7za.exe "x" "-y" "%APPDATA%\Server.7z" "-pHVLnt5Dy"
- %WINDIR%\Windows Direction\svchostexe
- %TEMP%\%USERNAME%2.txt
- <Текущая директория>\server.exe
- %APPDATA%\7za.exe
- %APPDATA%\Server.txt
- %APPDATA%\Server.7z
- %APPDATA%\Server.exe
- %APPDATA%\7za.exe
- ClassName: 'Indicator' WindowName: ''