Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'etP57zLzLBbX6H' = '%ALLUSERSPROFILE%\MTQ1HQ5ImImE\pptfsUo6PuEkb69P.exe'
- %ALLUSERSPROFILE%\MTQ1HQ5ImImE\pptfsUo6PuEkb69P.exe
- %TEMP%\RG4TD4V89m.exe
- %ALLUSERSPROFILE%\MTQ1HQ5ImImE\RCX1.tmp
- %ALLUSERSPROFILE%\MTQ1HQ5ImImE\pptfsUo6PuEkb69P.exe
- %TEMP%\RG4TD4V89m.exe
- %ALLUSERSPROFILE%\MTQ1HQ5ImImE\pptfsUo6PuEkb69P.exe
- DNS ASK wh##.##ogotardo.com.br
- ClassName: 'Indicator' WindowName: ''