Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'suckmydick.exe' = '"%APPDATA%\fag\suckmydick.exe"'
- '%APPDATA%\fag\suckmydick.exe'
- '%TEMP%\notepad .exe'
- '%APPDATA%\tmp.exe'
- '<SYSTEM32>\ping.exe' 1.1.1.1 -n 1 -w 3
- %APPDATA%\tmp.exe
- %APPDATA%\fag\suckmydick.exe
- %TEMP%\ap.exe
- %TEMP%\notepad .exe
- %APPDATA%\fag\suckmydick.exe
- %APPDATA%\tmp.exe
- 'cr######st7845.zapto.org':58726
- DNS ASK cr######st7845.zapto.org
- ClassName: 'Indicator' WindowName: '(null)'