Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2' = '%APPDATA%\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2' = '%APPDATA%\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run] 'U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2' = '%APPDATA%\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y...
- User Account Control (UAC)
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- IEXPLORE.EXE
- %HOMEPATH%\AuditNativeSnapIn\IEChooser.exe
- %APPDATA%\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2.exe
- %APPDATA%\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2\ut
- %APPDATA%\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2\U1B5S2E0-S6R4-Y4O1-P7F0-W443P1Y6S3L2.exe
- '18#.#48.241.42':303
- '<SYSTEM32>\schtasks.exe' /create /tn chkntfs /tr "%HOMEPATH%\AuditNativeSnapIn\IEChooser.exe" /sc minute /mo 1 /F
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe'
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe