Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'NLAEKU' = '<LS_APPDATA>\NLAEKU\NLAEKUW.vbs'
- <SYSTEM32>\regsvr32.exe
- %APPDATA%\oliversoo.exe
- %APPDATA%\oliver.bmp
- %HOMEPATH%\kndex\oliver.ocx
- %HOMEPATH%\yahoo\nlaekuess.exe
- %HOMEPATH%\kndex\nlaeku.bmp
- <LS_APPDATA>\nlaeku\nlaekuv.bat
- <LS_APPDATA>\nlaeku\nlaekuw.vbs
- %HOMEPATH%\kndex\oliver.ocx
- DNS ASK gr#####heart.ddns.net
- ClassName: 'EDIT' WindowName: ''
- '%APPDATA%\oliversoo.exe'
- '<SYSTEM32>\regsvr32.exe'