Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '31dee15b92f3b7a4f18ad6d339ab3830' = '"%TEMP%\linuks.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '31dee15b92f3b7a4f18ad6d339ab3830' = '"%TEMP%\linuks.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\31dee15b92f3b7a4f18ad6d339ab3830.exe
- <Имя диска съемного носителя>:\ My hack site
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\linuks.exe' = '%TEMP%\linuks.exe:*:Enabled:linuks.exe'
- %TEMP%\linuks.exe
- <SYSTEM32>\netsh.exe firewall add allowedprogram "%TEMP%\linuks.exe" "linuks.exe" ENABLE
- C:\ My hack site
- %TEMP%\linuks.exe
- 'ah####e.no-ip.info':1604
- DNS ASK ah####e.no-ip.info
- ClassName: 'Indicator' WindowName: ''