Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'lansetting' = '%TEMP%\0001FC4D.exe'
- %TEMP%\0001FC4D.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\_uninsep.bat" "
- %TEMP%\_uninsep.bat
- %TEMP%\0001FC4D.exe
- %TEMP%\InitAccess.txt
- '12#.#41.149.12':8080