Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run\] 'Krypt' = 'C:\Users\Public\sysx.exe sysdr.exe C:\Users\Public'
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357
- C:\users\public\adapt.txt
- C:\users\public\any.zip
- C:\users\public\sysdr.exe.tmp
- C:\users\public\sysx.exe.tmp
- C:\users\public\aboutunistaller.txt
- C:\users\public\title.txt
- %APPDATA%\anydesk\ad.trace
- %APPDATA%\anydesk\user.conf
- %APPDATA%\anydesk\service.conf
- %APPDATA%\anydesk\system.conf
- %TEMP%\gcapi.dll
- C:\users\public\adapt.txt
- C:\users\public\any.zip
- C:\users\public\sysdr.exe.tmp в C:\users\public\sysdr.exe
- C:\users\public\sysx.exe.tmp в C:\users\public\sysx.exe
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- http://62.##1.152.105/any/any.zip
- DNS ASK ap#.#pify.org
- DNS ASK bo#####.net.anydesk.com
- DNS ASK re#######c3f30.net.anydesk.com
- ClassName: '' WindowName: 'AnyDesk'
- 'C:\users\public\sysx.exe' sysdr.exe C:\Users\Public
- 'C:\users\public\sysdr.exe'
- 'C:\users\public\sysdr.exe' --local-service
- 'C:\users\public\sysdr.exe' --local-control
- 'C:\users\public\sysx.exe' sysdr.exe C:\Users\Public' (со скрытым окном)