Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Payload.exe' = '%ALLUSERSPROFILE%\Application Data\Payload.exe'
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
- %ALLUSERSPROFILE%\Application Data\Payload.exe
- '%ALLUSERSPROFILE%\Application Data\Payload.exe'
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe'