Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Indexer' = '<LS_APPDATA>\Indexer\MicrosoftIndexer.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Indexer' = '\Indexer\MicrosoftIndexer.exe'
- %APPDATA%\Imminent\Logs\24-03-2018
- %APPDATA%\Imminent\Path.dat
- <LS_APPDATA>\Indexer\MicrosoftIndexer.exe
- %TEMP%\IPHiderPro.exe
- C:\Indexer\MicrosoftIndexer.exe
- 'ji###.zapto.org':1069
- DNS ASK ji###.zapto.org
- '%TEMP%\IPHiderPro.exe'