Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Bitlocker.lnk
- '%TEMP%\Vm\Vmplayer.exe'
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-2052111302-484763869-725345543-1003\549b9b645cadfe6bb4bc69cf363c354c_23ef5514-3059-436f-a4a7-4cefaab20eb1
- %TEMP%\Vm\Vmplayer.exe
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-2052111302-484763869-725345543-1003\549b9b645cadfe6bb4bc69cf363c354c_23ef5514-3059-436f-a4a7-4cefaab20eb1
- 'la####on.mooo.com':443
- 'ju#####.justdied.com':443
- DNS ASK la####on.mooo.com
- DNS ASK ju#####.justdied.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''