Техническая информация
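Записи автозапуска в реестре (ключи Run; каждый параметр задан и в HKLM, и в HKCU, поэтому проверять нужно обе ветки):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'VmNAT32' = '%ALLUSERSPROFILE%\WinRun32.exe'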
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows_installer' = '%PROGRAM_FILES%\Dll32.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows_installer' = '%PROGRAM_FILES%\Dll32.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AdobeUpdate' = '%APPDATA%\Dll32.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'AdobeUpdate' = '%APPDATA%\Dll32.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VmNAT32' = '%ALLUSERSPROFILE%\WinRun32.exe'
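Файлы и команды (из списка не видно, какие из них создаются, а какие запускаются; %APPDATA%\Dll32.exe указан дважды):
- %APPDATA%\Dll32.exe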
- <SYSTEM32>\cmd.exe /c ""<Текущая директория>\4735.bat" "
- %PROGRAM_FILES%\Dll32.exe
- <Текущая директория>\4735.bat
- %APPDATA%\Dll32.exe
- %ALLUSERSPROFILE%\WinRun32.exe
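Сетевые обращения (порт 80; часть символов адреса и параметра id заменена на «#», поэтому как точный индикатор эти строки использовать нельзя):
- '13#.#.233.64':80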
- 13#.#.233.64/ann/gate.php?id################################
- ClassName: 'Indicator' WindowName: ''