Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '00083516' = '%ALLUSERSPROFILE%\Application Data\00083516\00083516.exe'
- %ALLUSERSPROFILE%\Application Data\00083516\00083516.exe Data\00083516\00083516.exe /i
- <SYSTEM32>\cmd.exe /c ""%ALLUSERSPROFILE%\Application Data\00083516\00083516.bat" "
- %ALLUSERSPROFILE%\Application Data\00083516\00083516.bat
- %ALLUSERSPROFILE%\Application Data\00083516\00083516.exe
- '93.##6.127.92':80
- 93.##6.127.92/in.php?af#####################################################################################
- ClassName: 'Shell_TrayWnd' WindowName: ''