Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FEA05D65' = '%APPDATA%\FEA05D65\bin.exe'
- %HOMEPATH%\Start Menu\Programs\Startupx\system.pif
- '<SYSTEM32>\winver.exe'
- <SYSTEM32>\winver.exe
- %APPDATA%\FEA05D65\bin.exe
- 'ne####dultimati.cc':80
- http://ne####dultimati.cc/fa088niiin880nd/
- DNS ASK ne####dultimati.cc
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''