Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '2f3720a66fbc76ded9132dbab4f73b5e' = '"%HOMEPATH%\Local Settings\Temp123456.exe" ..'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '2f3720a66fbc76ded9132dbab4f73b5e' = '"%HOMEPATH%\Local Settings\Temp123456.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '2f3720a66fbc76ded9132dbab4f73b5e' = '%HOMEPATH%\Local Settings\Temp123456.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '2f3720a66fbc76ded9132dbab4f73b5e' = '%HOMEPATH%\Local Settings\Temp123456.exe'
- %HOMEPATH%\Start Menu\Programs\Startup2f3720a66fbc76ded9132dbab4f73b5e
- '%HOMEPATH%\Local Settings\Temp123456.exe'
- %HOMEPATH%\Local Settings\Temp123456.exe
- 'ma####a29.no-ip.biz':1177
- DNS ASK ma####a29.no-ip.biz
- ClassName: 'Indicator' WindowName: '(null)'