Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VXHNYGGNXBTXAAR' = '%PROGRAMDATA%\NGKLWCULKEHKTIB\BJNJFRJBXGXQMVR.exe'
- %WINDIR%\explorer.exe
- %HOMEPATH%\desktop\coffee.bmp
- %PROGRAMDATA%\ngklwculkehktib\bjnjfrjbxgxqmvr.exe
- DNS ASK tr####rehunter.at