Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'DateToDate.exe' = '%APPDATA%\WinUpdate\DateToDate.exe'
- %APPDATA%\WinUpdate\DateToDate.exe
- %TEMP%\abc2.exe
- %TEMP%\abc1.exe
- <SYSTEM32>\wscript.exe "%APPDATA%\WinUpdate\Data_01.vbs"
- %APPDATA%\WinUpdate\DateToDate.exe
- %APPDATA%\WinUpdate\Data_01.vbs
- %APPDATA%\builder.txt
- %TEMP%\abc1.exe
- %TEMP%\abc2.exe
- %APPDATA%\builder.txt
- '92.##1.190.176':80
- 92.##1.190.176/Panel/bot.php?hw########################################################################
- 92.##1.190.176/Panel/command.txt
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''