Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'cdd4a73fb304ec0cc7c5bb7d195cc0a4' = '"%TEMP%\FacebookHead.exe" ..'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'cdd4a73fb304ec0cc7c5bb7d195cc0a4' = '"%TEMP%\FacebookHead.exe" ..'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\FacebookHead.exe' = '%TEMP%\FacebookHead.exe:*:Enabled:Facebook...
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\FacebookHead.exe" "FacebookHead.exe" ENABLE
- %TEMP%\FacebookHead.exe
- '82.##.14.101':1177
- '%TEMP%\FacebookHead.exe'