Техническая информация
- Запись в ключе автозапуска реестра (Run): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'index' = '%PROGRAM_FILES%\aaa.exe'
- %PROGRAM_FILES%\sdgehjn.exe
- %TEMP%\BaiYin2.exe
- %TEMP%\BaiYin4.exe
- %TEMP%\BaiYin5.exe
- %ALLUSERSPROFILE%\Start Menu\Programs\tem.lnk
- %TEMP%\BaiYin3.exe
- %PROGRAM_FILES%\Update.dll
- %PROGRAM_FILES%\sdgehjn.exe
- %TEMP%\BaiYin2.exe
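- Сетевое подключение (узел:порт): 'az.##saux.com':8002 (символы «##» в имени узла, по-видимому, маскируют часть домена, поэтому в таком виде строка не годится для точного сопоставления)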
- DNS-запрос (DNS ASK): az.##saux.com
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)