Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '88ECC1DC5E4C680F000088EC38F56D57' = '%ALLUSERSPROFILE%\Application Data\88ECC1DC5E4C680F000088EC38F56D57\88ECC1DC5E4C680F000088EC38F56D57.exe'
- %ALLUSERSPROFILE%\Application Data\88ECC1DC5E4C680F000088EC38F56D57\88ECC1DC5E4C680F000088EC38F56D57.ico
- %ALLUSERSPROFILE%\Application Data\88ECC1DC5E4C680F000088EC38F56D57\88ECC1DC5E4C680F000088EC38F56D57.exe
- <SYSTEM32>\wbem\Performance\WmiApRpl_new.ini
- '17#.#1.29.181':80
- 17#.#1.29.181/api/urls/?ts#####################################################
- ClassName: 'Shell_TrayWnd' WindowName: ''