Техническая информация
- %WINDIR%\tasks\easyresize.job (файл задания Планировщика задач, устаревший формат .job)
- <SYSTEM32>\tasks\easyresize (файл задания Планировщика задач)
- [<HKLM>\System\CurrentControlSet\Services\Sympathetic Loyality] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- [<HKLM>\System\CurrentControlSet\Services\Sympathetic Loyality] 'ImagePath' = '%APPDATA%\Sympathetic Loyality\Sympathetic Loyality.exe'
- 'Sympathetic Loyality' %APPDATA%\Sympathetic Loyality\Sympathetic Loyality.exe
- %ALLUSERSPROFILE%\{dc488bc8-7e45-4d71-dc48-88bc87e42f21}\<Имя файла>.exe
- %ALLUSERSPROFILE%\{dc488bc8-7e45-4d71-dc48-88bc87e42f21}\<Имя файла>.dat
- %APPDATA%\sympathetic loyality\sympathetic loyality.exe
- %APPDATA%\sympathetic loyality\j8.dat
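- 'ce####-ring.link':80 (символы # заменяют скрытую часть имени домена; в таком виде запись не подходит для точного сопоставления)
- 'al####el-pro.com':80 (часть имени домена также скрыта символами #)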
- http://ce####-ring.link/?q=######################################################################################################################################################################...
- DNS ASK ce####-ring.link
- DNS ASK al####el-pro.com
- '%APPDATA%\sympathetic loyality\sympathetic loyality.exe'