Техническая информация
- %WINDIR%\tasks\stackyourfiles.job (файл задания Планировщика заданий Windows)
- [<HKLM>\System\CurrentControlSet\Services\Supportive Jury] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
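- [<HKLM>\System\CurrentControlSet\Services\Supportive Jury] 'ImagePath' = '%APPDATA%\Supportive Jury\Supportive Jury.exe' (исполняемый файл службы находится в каталоге профиля пользователя; для системных служб такое расположение нетипично и может служить признаком при обнаружении)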
- 'Supportive Jury' %APPDATA%\Supportive Jury\Supportive Jury.exe
- %APPDATA%\supportive jury\supportive jury.exe
- %ALLUSERSPROFILE%\{7b1480e6-7857-3c90-7b14-480e67850399}\<Имя файла>.exe
- %ALLUSERSPROFILE%\{7b1480e6-7857-3c90-7b14-480e67850399}\<Имя файла>.dat
- %APPDATA%\supportive jury\fba00.dat
- 'ge####ltiple.link':80
- http://ge####ltiple.link/?q=#####################################################################################################################################################################...
- DNS ASK ge####ltiple.link
- '%APPDATA%\supportive jury\supportive jury.exe'