Техническая информация
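- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\google.exe' (параметр 'load' обеспечивает автозапуск: указанная в нём программа запускается при входе пользователя в систему)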
- '%TEMP%\google.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shell32.dll,OpenAs_RunDLL %TEMP%\23.pdf (вызов стандартного диалога Windows «Открыть с помощью» для файла 23.pdf)
- %TEMP%\23.pdf
- %TEMP%\google.exe
- '66.##8.132.53':80 (часть адреса скрыта символами ##; порт 80)
- 66.##8.132.53/2523.asp
- 66.##8.132.53/2507.asp
- 66.##8.132.53/2539.asp
- 66.##8.132.53/2572.asp
- 66.##8.132.53/2556.asp
- 66.##8.132.53/2487.asp
- 66.##8.132.53/2422.asp
- 66.##8.132.53/2399.asp
- 66.##8.132.53/2438.asp
- 66.##8.132.53/2471.asp
- 66.##8.132.53/2455.asp
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)
- ClassName: 'EDIT' WindowName: ''