Техническая информация
- %WINDIR%\tasks\passmaster.job
- [<HKLM>\System\CurrentControlSet\Services\Angry Reality] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Angry Reality] 'ImagePath' = '%APPDATA%\Angry Reality\Angry Reality.exe'
- %APPDATA%\angry reality\angry reality.exe
- \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009
- %ALLUSERSPROFILE%\application data\{703ce964-2b93-42fb-703c-ce9642b9a590}\<Имя файла>.exe
- %ALLUSERSPROFILE%\application data\{703ce964-2b93-42fb-703c-ce9642b9a590}\<Имя файла>.dat
- %APPDATA%\angry reality\5bodv.dat
- DNS ASK ge###luesee.com
- DNS ASK al####el-pro.com
- DNS ASK ge####uesee.info
- DNS ASK ce####-ring.info
- '%APPDATA%\angry reality\angry reality.exe'