Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'oL11BCH' = '%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\start.exe'
- %APPDATA%\microsoft\windows\start menu\programs\startup\3ogcujgmsy.eu.url
- %WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe
- %APPDATA%\3ogcujgmsy\3ogcujgmsy.exe
- %PROGRAMDATA%\microsoft\windows\start menu\programs\start.exe
- %TEMP%\aut6f22.tmp
- %TEMP%\wwz5.s9
- %APPDATA%\monitor\screenshots\03-01-2020\4.55 pm
- %TEMP%\aut6f22.tmp
- '18#.#66.236.103':18342
- '%WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe'