Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VideoCard' = '%APPDATA%\VideoCard.exe'
- <SYSTEM32>\svchost.exe
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnOnPostRedirect' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1601' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonBadCertRecving' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonZoneCrossing' = '00000000'
- %APPDATA%\delvideo.bat
- %APPDATA%\VideoConfig.ini
- %APPDATA%\VideoCard.exe
- <Полный путь к файлу>
- 'bu###.#nepiecedream.com':99
- 'se#.##usddaily.com':428
- DNS ASK bu###.#nepiecedream.com
- DNS ASK se#.##usddaily.com
- '%APPDATA%\VideoCard.exe' -copystart
- '<SYSTEM32>\cmd.exe' /c "%APPDATA%\delvideo.bat"
- '<SYSTEM32>\svchost.exe'