Техническая информация
- %PROGRAMDATA%\0
- %PROGRAMDATA%\268352e06c\gvsaa.exe
- http://21#.#.117.64/theCC/cred.dll
- http://21#.#.117.64/theCC/index.php
- '%PROGRAMDATA%\268352e06c\gvsaa.exe'
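- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d %PROGRAMDATA%\268352e06c — эта команда переназначает папку автозагрузки текущего пользователя (параметр Startup) на каталог %PROGRAMDATA%\268352e06c, в котором находится gvsaa.exe, поэтому содержимое каталога запускается при входе пользователя в систему; изменение параметра Startup в этом разделе реестра стоит отслеживать как признак закрепления в системе.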