Техническая информация
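Изменение реестра для автозапуска (заголовок раздела в тексте не сохранился):
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Run' = '%ALLUSERSPROFILE%\Application Data\SnailDriver V1.69\config.exe'
  Примечание: это устаревший параметр 'Run' ключа Windows NT\CurrentVersion\Windows, а не стандартный ключ ...\CurrentVersion\Run, поэтому контроль только стандартных ключей Run эту запись не выявит.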
Файлы, по-видимому, создаваемые образцом (заголовок раздела в тексте не сохранился):
- %TEMP%\tmp1154\readme.txt
- %TEMP%\tmp1154\pub.key
- %TEMP%\tmp1154\i7765.dll
- %TEMP%\tmp1154\d392
- %TEMP%\tmp1154\r3066
- %TEMP%\tmp1154\shkanje46.mp4
- %TEMP%\tmp1154\Thumbs.bmp
- %ALLUSERSPROFILE%\Application Data\SnailDriver V1.69\lp.ini
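Перемещаемые файлы в формате «исходный путь в конечный путь» (заголовок раздела в тексте не сохранился; перемещение это или копирование, по тексту не определить):
- %TEMP%\tmp1154\readme.txt в %ALLUSERSPROFILE%\Application Data\SnailDriver V1.69\readme.txt
- %TEMP%\tmp1154\d392 в %ALLUSERSPROFILE%\Application Data\SnailDriver V1.69\d.o
- %TEMP%\tmp1154\r3066 в %ALLUSERSPROFILE%\Application Data\SnailDriver V1.69\config.exe
- %TEMP%\tmp1154\pub.key в %ALLUSERSPROFILE%\Application Data\SnailDriver V1.69\pub.key
  Примечание: конечный файл config.exe (исходный r3066) совпадает с путём, записанным в параметр реестра 'Run' в начале списка.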
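Окна, которые образец, по-видимому, ищет по имени класса (заголовок раздела в тексте не сохранился):
- ClassName: 'EDIT' WindowName: ''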
- ClassName: 'TNRRDPKE2' WindowName: ''
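Запускаемый процесс (заголовок раздела в тексте не сохранился):
- '<SYSTEM32>\rundll32.exe' i7765.dll D1 d392 r3066 "shkanje46.mp4"
  Примечание: rundll32.exe загружает i7765.dll (судя по списку файлов, из %TEMP%\tmp1154); D1, по-видимому, имя вызываемой экспортируемой функции, остальные аргументы — имена файлов из того же каталога. Числовые части имён (tmp1154, i7765, d392, r3066) могут отличаться от запуска к запуску, поэтому для обнаружения надёжнее опираться на шаблон поведения (rundll32.exe с DLL из %TEMP%), чем на точные имена.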