Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'server' = 'C:\Extracted\26056_1.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{05I41M56-QW07-U20F-YX8T-VB4U6TP4UX63}] 'StubPath' = '"%PROGRAM_FILES%\iNTERNET eXPLORER\IEXPLORE.EXE"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'server' = 'C:\Extracted\26056_1.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\movei.exe
- C:\Extracted\TWA9EL.COM.exe
- C:\Extracted\26056_1.exe
- %WINDIR%\Explorer.EXE
- C:\Extracted\26056_1.exe
- %TEMP%\sfx.ini
- C:\Extracted\TWA9EL.COM.exe
- %TEMP%\sfx.ini
- 'w2#.#o-ip.info':3340
- DNS ASK w2#.#o-ip.info
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''