Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Bead8' = '%TEMP%\Finmot1\kitni.vbs'
- kitni.scr
- %TEMP%\finmot1\kitni.scr
- %TEMP%\finmot1\kitni.vbs
- http://tr.##lamor.com/wp-content/plugins/hello-dolly/theone_OabdhXvD47.bin
- DNS ASK tr.##lamor.com
- '%TEMP%\finmot1\kitni.scr' /S
- '%WINDIR%\syswow64\netsh.exe' wlan show profile