Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'DarkScape.jar' = '%HOMEPATH%\DarkScape.jar'
- '<SYSTEM32>\REG.exe' ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "DarkScape.jar" /t REG_SZ /F /D "%HOMEPATH%\DarkScape.jar"
- Библиотека-обработчик для всех процессов: %TEMP%\JNativeHook_7000447896429831981.dll
- %TEMP%\JNativeHook_7000447896429831981.dll
- %HOMEPATH%\js_plugins\MessageBox.jar
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DarkScape.jar
- %HOMEPATH%\DarkScape.jar
- %TEMP%\DarkScape.jar
- %TEMP%\nyan_nyan_cat_by_milaqt-d3egr49.jpg
- %HOMEPATH%\js_plugins\DisableWebcamLightsStub.jar
- 'ta####mmy.ddns.net':1199
- DNS ASK dn#.##ftncsi.com
- DNS ASK ta####mmy.ddns.net
- ClassName: 'Indicator' WindowName: ''