Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '%TEMP%\System.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\WF4dZLLuDYa5ho8nvVVt1A==.exe
- %HOMEPATH%\Start Menu\Programs\Startup\CCleaner.lnk
- %TEMP%\System.exe
- %TEMP%\System.exe
- 'sa###.#acker.ddns.net':7736
- DNS ASK sa###.#acker.ddns.net
- ClassName: 'Shell_traywnd' WindowName: ''
- '%TEMP%\System.exe'
- '<SYSTEM32>\schtasks.exe' /Create /SC minute /MO 1 /TN Microsoft /TR %TEMP%\System.exe