Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Insomniac_] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\Insomniac_] 'ImagePath' = '%ALLUSERSPROFILE%\Application Data\RamScraperrr\insomniac.exe'
- %ALLUSERSPROFILE%\Application Data\RamScraperrr\aazz.log
- %ALLUSERSPROFILE%\Application Data\RamScraperrr\insomniac.bat
- %ALLUSERSPROFILE%\Application Data\RamScraperrr\insomniac.exe
- '%ALLUSERSPROFILE%\Application Data\RamScraperrr\insomniac.exe'
- '<SYSTEM32>\sc.exe' start "Insomniac_"
- '<SYSTEM32>\sc.exe' config "Insomniac_" start= auto
- '<SYSTEM32>\cmd.exe' /c ""%ALLUSERSPROFILE%\Application Data\RamScraperrr\insomniac.bat" "
- '<SYSTEM32>\sc.exe' create "Insomniac_" binPath= "%ALLUSERSPROFILE%\Application Data\RamScraperrr\insomniac.exe"