Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '<SYSTEM32>\oqeizp.exe'
- '<SYSTEM32>\oqeizp.exe'
- 'C:\DNFЅЭ±Є.exe'
- 'C:\012.exe'
- '<SYSTEM32>\cmd.exe' /c "012.exe_And DeleteMe.bat"
- %WINDIR%\dz.dat
- <Текущая директория>\012.exe_And DeleteMe.bat
- %WINDIR%\bhkwz.exe
- C:\012.exe
- C:\DNFЅЭ±Є.exe
- <SYSTEM32>\oqeizp.exe
- C:\012.exe
- '22#.#86.15.69':998
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'