Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Sesion Manager' = '"%APPDATA%\Windows Sesion Manager.exe"'
- %TEMP%\winsesman.exe
- %APPDATA%\Windows Sesion Manager.exe
- %TEMP%\sHkSp.exe
- %TEMP%\sHsif.hkp
- %APPDATA%\Windows Sesion Manager.exe
- %TEMP%\sHkSp.exe
- '93.##8.134.11':465
- DNS ASK smtp.yandex.ru
- '%TEMP%\winsesman.exe'
- '%APPDATA%\Windows Sesion Manager.exe'
- '%TEMP%\sHkSp.exe' /scomma %TEMP%\sHsif.hkp