Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'OmwkneE' = 'C:\Arquivos de programas\EhgsqkO\DjbnkrF\OmwkneE.exe -Start'
- C:\Arquivos de programas\EhgsqkO\DjbnkrF\OmwkneE.exe
- %TEMP%\80EB2F5C
- C:\Arquivos de programas\EhgsqkO\DjbnkrF\OmwkneE.exe
- 'gr####ainha.com.br':80
- gr####ainha.com.br/index1.html
- DNS ASK gr####ainha.com.br
- ClassName: 'Indicator' WindowName: ''