Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ydlslNuzHi' = 'C:\Users\Public\ydlslNuzHi.vbs'
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\] 'proces' = '%APPDATA%\Install\Host.exe'
- host.exe
- %HOMEPATH%\scriptrunner\netevtfwdr.bat
- %APPDATA%\install\host.exe
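- DNS-запрос (DNS ASK): ma#####a.duckdns.org — часть имени узла скрыта символами «#», поэтому для точного сопоставления этот индикатор непригоден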
- '%APPDATA%\install\host.exe' "<Полный путь к файлу>"
- '%APPDATA%\install\host.exe'