Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AdVantage' = '%APPDATA%\advantage\AdVantage.exe'
- <SYSTEM32>\systeminfo.exe
- %APPDATA%\advantage\AdVantage.exe
- %APPDATA%\Microsoft\Sze\hqhmp
- ClassName: ' 70 67' WindowName: '5 20 53 '
- ClassName: ' 1 869 ' WindowName: ' 35 1539'
- ClassName: '4829 972' WindowName: '3 8 '
- ClassName: '5 20 53 ' WindowName: '5 20 53 '
- ClassName: '48 71' WindowName: '5 20 53 '
- ClassName: '90 ' WindowName: '48 71'
- ClassName: 'Indicator' WindowName: ''
- ClassName: '5 20 53 ' WindowName: ' 35 1539'
- ClassName: ' 35 1539' WindowName: ' 61'
- ClassName: '48 71' WindowName: ' 35 1539'
- ClassName: '7 21' WindowName: '7 21'
- ClassName: '22 ' WindowName: '23'
- ClassName: '5843 256 ' WindowName: '03 '
- ClassName: '3 ' WindowName: ' 1 5'
- ClassName: '3 8 ' WindowName: '3 8 '
- ClassName: '3 8 ' WindowName: '15'
- ClassName: '5 20 53 ' WindowName: '03 '
- ClassName: '04627' WindowName: ' 70 67'
- ClassName: '2311' WindowName: '59 1 '
- ClassName: ' 81' WindowName: ' 81'
- ClassName: '48 71' WindowName: '59 1 '