Техническая информация
- [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Rainmeter' = '%ALLUSERSPROFILE%\4I1D5J273V988NPWS24\Rainmeter.exe'
- %ALLUSERSPROFILE%\4i1d5j273v988npws24\rainmeter.dll
- %ALLUSERSPROFILE%\4i1d5j273v988npws24\rainmeter.exe
- %ALLUSERSPROFILE%\4i1d5j273v988npws24\rainmeter.txt
- %LOCALAPPDATA%\178bfbff000406f1
- %ALLUSERSPROFILE%\4i1d5j273v988npws24\key
- %ALLUSERSPROFILE%\4i1d5j273v988npws24\key
- '10#.#48.21.19':9090
- '10#.#48.21.19':6656
- '10#.#48.21.19':6566
- '10#.#48.21.19':6756
- http://10#.##8.21.19:9090/9x.dll via 10#.#48.21.19
- ClassName: 'EDIT' WindowName: ''
- '%ALLUSERSPROFILE%\4i1d5j273v988npws24\rainmeter.exe'