Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WindowsKernel' = '%TEMP%\kernel64.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Barcos%20y%20Putas[1].mp3
- %TEMP%\windows.mp3
- %TEMP%\kernel64.exe
- 'pu####.##y.livefilestore.com':80
- 'localhost':1036
- pu####.##y.livefilestore.com/y1piT19ZFUvRL3liLNVz4akDjNyZTGC1vqIU_jk3KNGv0xbZe4J0fAIQ0LgzLDnwbg6zFY8FAXkWeQxcV4zzI7Srg/Barcos%20y%20Putas.mp3?do#############
- DNS ASK pu####.##y.livefilestore.com
- ClassName: 'Indicator' WindowName: ''