Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Windows Operating System' = '<LS_APPDATA>\Nagoya\explore.exe'
- <LS_APPDATA>\Nagoya\reg.exe
- <LS_APPDATA>\Nagoya\explore.exe
- <SYSTEM32>\taskkill.exe /f /im explore.exe
- <LS_APPDATA>\Nagoya\version
- <LS_APPDATA>\Nagoya\reg.exe
- <LS_APPDATA>\Nagoya\explore.exe
- 'bl####r7.zapto.org':14
- DNS ASK bl####r7.zapto.org
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: ''