Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'win7' = '%APPDATA%\winsh.exe'
- %APPDATA%\winsh.exe
- %APPDATA%\processname.exe
- %APPDATA%\mminnrxdo.exe
- %TEMP%\user2.txt
- %APPDATA%\ad42a42a\ak.tmp
- %TEMP%\user7
- %TEMP%\user8
- %TEMP%\user2.txt
- %TEMP%\user7
- %TEMP%\user8
- %TEMP%\user7
- %TEMP%\user8
- DNS ASK de#####or22.no-ip.org
- DNS ASK ca####ta.no-ip.org
- '%APPDATA%\processname.exe'
- '%APPDATA%\mminnrxdo.exe'