Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'GetModule18' = '"%PROGRAM_FILES%\GetModule\GetModule18.exe"'
- %PROGRAM_FILES%\GetModule\GetModule18.exe
- %PROGRAM_FILES%\GetModule\GetModule18.exe
- %PROGRAM_FILES%\iCheck\Uninstall.exe
- %TEMP%\nsp2.tmp
- 'po###s123.com':80
- po###s123.com/venora/we-config.php?ui#################################################
- po###s123.com/venora/we-connect.php
- DNS ASK po###s123.com
- ClassName: '' WindowName: 'get-module-mwnd'
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: 'qdr.main.window'