Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Gigabyte' = 'wscript.exe "%HOMEPATH%\keyboard.sys.js"'
- <SYSTEM32>\wscript.exe "%HOMEPATH%\keyboard.sys.js"
- %HOMEPATH%\keyboard.sys.js
- %TEMP%\privacy.docx
- %HOMEPATH%\keyboard.sys.js
- %HOMEPATH%\keyboard.sys.js
- 'md##g.ru':80
- 'u2####.netangels.ru':80
- md##g.ru/administrator/includes/ping.php?ne#############
- u2####.netangels.ru/tst.txt
- DNS ASK md##g.ru
- DNS ASK u2####.netangels.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''