Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'thosts' = 'c:\i\25.exe'
- 'C:\i\25.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shell32.dll,OpenAs_RunDLL c:\i\55.mp4
- C:\i\55.mp4
- C:\i\25.exe
- 'mi###work.com':80
- mi###work.com/events/get_temp.php?na##########################################
- mi###work.com/events/add_temp.php?na##########################################
- DNS ASK mi###work.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''