Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<LS_APPDATA>\DirectDownloader\directdownloader.exe' = '<LS_APPDATA>\DirectDownloader\directdownloader.exe:*:Enabled:DirectDownloader'
- %TEMP%\bitcoinstub.exe
- %TEMP%\bitcoinstub.exe (загружен из сети Интернет)
- <SYSTEM32>\netsh.exe firewall add allowedprogram "<LS_APPDATA>\DirectDownloader\directdownloader.exe" "DirectDownloader" ENABLE
- %TEMP%\OpenCL.dll
- %TEMP%\DirectDownloaderInstaller.exe
- <LS_APPDATA>\DirectDownloader\directdownloader.exe
- %TEMP%\bitcoinstub.exe
- 'www.di#####ownloader.com':80
- 'op###itcoin.org':80
- www.di#####ownloader.com/DirectDownloaderInstaller.exe
- op###itcoin.org/static/dist/OpenCL.dll
- op###itcoin.org/static/dist/stub.exe
- DNS ASK www.di#####ownloader.com
- DNS ASK op###itcoin.org
- ClassName: 'Shell_TrayWnd' WindowName: ''