Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Micro' = '%APPDATA%\svhost.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\Logs.vbs
- %HOMEPATH%\Start Menu\Programs\Startup\svhost
- %APPDATA%\svhost.exe
- %TEMP%\svhost.exe
- %TEMP%\vpk.exe
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk в %APPDATA%\Random\Optional\Launch Internet Explorer Browser.lnk
- 'j4###r.ddns.net':5000
- DNS ASK j4###r.ddns.net
- '%APPDATA%\svhost.exe'
- '%TEMP%\svhost.exe'
- '%TEMP%\vpk.exe'