Техническая информация
- [<HKCU>\Software\Google\Google Talk\Accounts]
- [<HKLM>\SOFTWARE\Wow6432Node\FlashFXP]
- [<HKLM>\Software\Wow6432Node\Ghisler\Total Commander]
- [<HKCU>\Software\Ghisler\Total Commander]
- [<HKCU>\Software\FTPWare\CoreFTP\Sites]
- [<HKCU>\Software\FTP Explorer\Profiles]
- [<HKCU>\Software\GlobalSCAPE\CuteFTP 8 Professional\QCToolbar]
- [<HKCU>\Software\NCH Software\ClassicFTP\FTPAccounts]
- [<HKCU>\Software\NCH Software\Fling\Accounts]
- [<HKCU>\Software\CoffeeCup Software\Internet\Profiles]
- [<HKCU>\Software\Martin Prikryl\WinSCP 2\Sessions]
- %TEMP%\na_5112011.rar
- %TEMP%\report_05-11-2019_20-14-19-jkmj.bin
- %APPDATA%\winrar\version.dat
- <Текущая директория>\ufr_files\report_05-11-2019_20-14-19-jkmj.bin
- %TEMP%\registry-grabbing.reg
- <Текущая директория>\ufr_files\registry-grabbing.reg
- %TEMP%\report_05-11-2019_20-14-19-jkmj.bin
- %TEMP%\registry-grabbing.reg
- 'sm##.mail.ru':25
- DNS ASK sm##.mail.ru
- ClassName: 'WinRarWindow' WindowName: ''
- '%ProgramFiles%\winrar\winrar.exe' "%TEMP%\NA_5112011.rar"