Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '85760c6b18af02bfcc1788c923f5086b' = '"%TEMP%\hackerkhloufi chouarfia mesra.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '85760c6b18af02bfcc1788c923f5086b' = '"%TEMP%\hackerkhloufi chouarfia mesra.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\85760c6b18af02bfcc1788c923f5086b.exe
- <Имя диска съемного носителя>:\85760c6b18af02bfcc1788c923f5086b.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\hackerkhloufi chouarfia mesra.exe' = '%TEMP%\hackerkhloufi chouarfia mesra.exe:*:Enabled:hackerkhloufi chouarfia mesra.exe'
- '%TEMP%\hackerkhloufi chouarfia mesra.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\hackerkhloufi chouarfia mesra.exe" "hackerkhloufi chouarfia mesra.exe" ENABLE
- %TEMP%\hackerkhloufi chouarfia mesra.exe
- <Имя диска съемного носителя>:\85760c6b18af02bfcc1788c923f5086b.exe
- '12#.0.1.1':7547
- ClassName: 'Indicator' WindowName: '(null)'