Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'OMNEITY' = 'wscript "%HOMEPATH%\BANKABLE\Recentnesses.vbs"'
- %WINDIR%\win.ini
- recentnesses.exe
- %HOMEPATH%\bankable\recentnesses.exe
- %HOMEPATH%\bankable\recentnesses.vbs
- %APPDATA%\remcos\logs.dat
- 'ra######ier2468.ddns.net':1010
- DNS ASK ra######ier2468.ddns.net
- '%HOMEPATH%\bankable\recentnesses.exe'