Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Movie' = '%TEMP%\calcs.exe'
- %TEMP%\calcs.exe
- '<IP-адрес в локальной сети>':6651
- 'pr######nweekgol.kadm5.com':80
- pr######nweekgol.kadm5.com/gvr/contador.txt
- DNS ASK pr######nweekgol.kadm5.com
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'
- ClassName: 'Chrome_WidgetWin_1' WindowName: '(null)'
- ClassName: 'MozillaWindowClass' WindowName: '(null)'