Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Run' = ''
- <LS_APPDATA>\%USERNAME%_Control.exe
- 'www.co###bi.coop.br':80
- 'se######bradaseguranca.com':80
- '20#.#8.146.34':82
- www.co###bi.coop.br/classe/mailer/scr.php
- se######bradaseguranca.com/jornada/container.vai
- DNS ASK www.co###bi.coop.br
- DNS ASK se######bradaseguranca.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''