Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SiroiHuyu' = '<SYSTEM32>\zh-KR\<Virus name>.exe'
- Task Manager (Taskmgr)
- '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f
- <SYSTEM32>\zh-KR\<Virus name>.exe
- <SYSTEM32>\zh-KR\<Virus name>.exe
- ClassName: 'TrojenCut.exe' WindowName: ''
- ClassName: 'Nuguya.exe' WindowName: ''
- ClassName: 'procexp64.exe' WindowName: ''
- ClassName: 'NateRSRCMain.exe' WindowName: ''
- ClassName: 'msconfig.exe' WindowName: ''
- ClassName: 'ProcessClean.exe' WindowName: ''
- ClassName: 'GoClean.exe' WindowName: ''
- ClassName: 'procexp.exe' WindowName: ''
- ClassName: 'taskmgr.exe' WindowName: ''
- ClassName: 'ProcessHacker' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'taskeng.exe' WindowName: ''
- ClassName: 'conhost' WindowName: ''
- ClassName: 'cmd.exe' WindowName: ''
- ClassName: 'taskhost.exe' WindowName: ''