Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Downloader1' = '%HOMEPATH%\Start Menu\Programs\Startup\xqytdadcsx.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\xqytdadcsx.exe
- '%HOMEPATH%\Start Menu\Programs\Startup\xqytdadcsx.exe'
- '%HOMEPATH%\Start Menu\Programs\Startup\xqytdadcsx.exe' (загружен из сети Интернет)
- 'in#####calcados.com.br':80
- in#####calcados.com.br/site/wp-admin/includes/xqytdadcsx.exe
- DNS ASK in#####calcados.com.br
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''