Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '8519eb66cd00fcbe53229ce31c4ac700' = '"%TEMP%\Audiolog.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '8519eb66cd00fcbe53229ce31c4ac700' = '"%TEMP%\Audiolog.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\8519eb66cd00fcbe53229ce31c4ac700.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\Audiolog.exe' = '%TEMP%\Audiolog.exe:*:Enabled:Audiolog.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\Audiolog.exe" "Audiolog.exe" ENABLE
- %TEMP%\Audiolog.exe
- 'an#####net.myftp.org':1177
- DNS ASK an#####net.myftp.org
- '%TEMP%\Audiolog.exe'