Техническая информация
- [<HKLM>\Software\Classes\dmofile\shell\open\command] '' = ''
- [<HKCU>\Software\Classes\dmofile\shell\open\command] '' = ''
- [<HKCU>\Software\Classes\dmofile\shell\open\command] '' = '%APPDATA%\Meltdown\demo loader\loader.exe "%1"'
- '%WINDIR%\syswow64\netsh.exe' advfirewall firewall add rule name = MeltdownGames dir = in action = allow protocol = UDP localport = 23513-23553
- '%WINDIR%\syswow64\netsh.exe' advfirewall firewall add rule name = MeltdownHost dir = in action = allow protocol = TCP localport = 23513-23553
- '%WINDIR%\syswow64\netsh.exe' advfirewall firewall add rule name = MeltdownPing dir = in action = allow protocol = icmpv4:8,any
- %APPDATA%\meltdown\mel8b07.tmp
- %APPDATA%\meltdown\mel8b56.tmp
- %APPDATA%\meltdown\meltdown.cfg
- %APPDATA%\meltdown\mel8b07.tmp в %APPDATA%\meltdown\meltdown.cfg
- %APPDATA%\meltdown\meltdown.cfg
- DNS ASK du#####em3donline.com
- ClassName: '' WindowName: 'Meltdown '