Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'wects' = '%TEMP%\RSrt.exe'
- %TEMP%\rsrt.exe
- %TEMP%\windscribe.exe
- %TEMP%\is-oe8or.tmp\windscribe.tmp
- %TEMP%\setup log 2020-10-14 #001.txt
- %TEMP%\is-q0eae.tmp\_isetup\_setup64.tmp
- 'f.###4top.io':443
- 'ga#####1hack.sytes.net':19822
- DNS ASK f.###4top.io
- DNS ASK ga#####1hack.sytes.net
- ClassName: 'Qt5QWindowIcon' WindowName: 'Windscribe'
- '%TEMP%\rsrt.exe'
- '%TEMP%\windscribe.exe'
- '%TEMP%\is-oe8or.tmp\windscribe.tmp' /SL5="$C00D2,16364339,486912,%TEMP%\Windscribe.exe"