Техническая информация
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] 'RageMP131' = '%LOCALAPPDATA%\RageMP131\RageMP131.exe'
- <SYSTEM32>\tasks\mpgph131 hr
- <SYSTEM32>\tasks\mpgph131 lg
- %LOCALAPPDATA%\ragemp131\ragemp131.exe
- %ALLUSERSPROFILE%\mpgph131\mpgph131.exe
- %TEMP%\rage131mp.tmp
- '19#.#33.132.62':50500
- '19#.#33.132.62':50500
- '%WINDIR%\syswow64\schtasks.exe' /create /f /RU "user" /tr "%ALLUSERSPROFILE%\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
- '%WINDIR%\syswow64\schtasks.exe' /create /f /RU "user" /tr "%ALLUSERSPROFILE%\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST