Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '78121423' = '%ALLUSERSPROFILE%\Application Data\78121423\78121423.exe'
- %ALLUSERSPROFILE%\Application Data\78121423\78121423.exe Data\78121423\78121423.exe /inst
- <SYSTEM32>\cmd.exe /c ""%ALLUSERSPROFILE%\Application Data\78121423\78121423.bat" "
- %ALLUSERSPROFILE%\Application Data\78121423\78121423.bat
- %ALLUSERSPROFILE%\Application Data\78121423\78121423.exe
- '94.##2.50.135':80
- 94.##2.50.135/in.php?af#########################################
- ClassName: 'Shell_TrayWnd' WindowName: ''