Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft' = 'System.exe'
- %TEMP%\entry.dll
- %TEMP%\from64.dll
- %TEMP%\minecraft pc.exe
- %TEMP%\minecraft.exe
- %TEMP%\values.dll
- %APPDATA%\.minecraft\shig.inima
- %TEMP%\minecraft.exe
- 'sa######pdate.myq-see.com':5005
- http://te####iginima.com/version.php
- DNS ASK te####iginima.com
- DNS ASK sa######pdate.myq-see.com
- '%TEMP%\minecraft pc.exe'
- '%TEMP%\minecraft.exe'
- '%ProgramFiles%\java\jre1.8.0_45\bin\javaw.exe' -classpath "%TEMP%\Minecraft PC.exe" net.mc.main.Main