Техническая информация
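Закрепление в системе (автозапуск): записи в ключах реестра RunOnce и файлы в папках автозагрузки Startup. Неясно, постоянен ли числовой суффикс в имени, поэтому при поиске стоит проверять сами расположения, а не только точное имя файла.
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'A-755570593' = '"%APPDATA%\A-755570593.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'A-755570593' = '"%APPDATA%\A-755570593.exe"'
- %HOMEPATH%\Start Menu\Programs\Startup\A-755570593.exe
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\A-755570593.exe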
Командные строки запускаемых процессов:
- <SYSTEM32>\cmd.exe /c ""%TEMP%\temp-755570593.bat" "
- <SYSTEM32>\ipconfig.exe /renew
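Классы окон средств анализа (IDA, DeDe, OllyDbg); судя по составу списка, образец ищет эти окна, чтобы обнаружить отладчик или дизассемблер:
- ClassName: 'TIdaWindow' WindowName: ''
- ClassName: 'TDeDeMainForm' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''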
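Файлы на диске. Пути повторяются — по-видимому, в исходном отчёте строки относились к разным операциям с файлами, но заголовки разделов не сохранились:
- %APPDATA%\A-755570593.exe
- %TEMP%\temp-755570593.bat
- %APPDATA%\A-755570593.exe
- %HOMEPATH%\Start Menu\Programs\Startup\A-755570593.exe
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\A-755570593.exe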
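Сетевая активность. Символы '#' в именах узлов, по-видимому, маскируют часть адреса, поэтому для блокировки эти записи в таком виде не годятся. Порт 6667 обычно используется протоколом IRC, порт 80 — HTTP:
- 'ir#.##rate-the.net':6667
- 'il##oip.it':80
- il##oip.it/
- DNS ASK ir#.##rate-the.net
- DNS ASK www.il##oip.it
- DNS ASK il##oip.it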
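Ещё классы и заголовки окон: '#32770' с заголовком 'Windows Task Manager' — диспетчер задач Windows, 'WinDbgFrameClass' — отладчик WinDbg; 'icu_dbg' и 'pe-diy', судя по названиям, тоже относятся к средствам анализа:
- ClassName: 'icu_dbg' WindowName: ''
- ClassName: 'pe-diy' WindowName: ''
- ClassName: '#32770' WindowName: 'Windows Task Manager'
- ClassName: 'WinDbgFrameClass' WindowName: ''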