Техническая информация
- %WINDIR%\tasks\kitchenfriend.job
- [<HKLM>\System\CurrentControlSet\Services\Angry Wealth] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Angry Wealth] 'ImagePath' = '%APPDATA%\Angry Wealth\Angry Wealth.exe'
- %APPDATA%\angry wealth\angry wealth.exe
- %ALLUSERSPROFILE%\application data\{3a7f18e5-723e-850f-3a7f-f18e57236395}\<Имя файла>.exe
- %ALLUSERSPROFILE%\application data\{3a7f18e5-723e-850f-3a7f-f18e57236395}\<Имя файла>.dat
- %APPDATA%\angry wealth\5bodv.dat
- DNS ASK ri###ynorth.biz
- DNS ASK fi####usapro.info
- DNS ASK ge###luesee.com
- '%APPDATA%\angry wealth\angry wealth.exe'