Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'COLLYRO' = '%TEMP%\gentekno\seniorate.vbs'
- seniorate.exe
- %TEMP%\gentekno\seniorate.exe
- %TEMP%\gentekno\seniorate.vbs
- %TEMP%\gentekno\seniorate.exe
- 'drive.google.com':443
- DNS ASK drive.google.com
- '%TEMP%\gentekno\seniorate.exe'
- '%WINDIR%\syswow64\napstat.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%TEMP%\gentekno\seniorate.exe"