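Техническая информация

Ниже перечислены наблюдаемые артефакты образца: запись автозапуска в реестре, командные строки процессов, пути к файлам, DNS-запросы и параметры окон (ClassName/WindowName). Заголовки разделов исходного описания в этом фрагменте отсутствуют, поэтому по самому списку нельзя определить, какие файлы создаются, а какие удаляются; повторяющиеся пути, вероятно, относятся к разным разделам. Символы «#» в доменном имени — по-видимому, маскировка части имени в источнике, поэтому сопоставлять эту строку буквально не следует. Имена временных каталогов вида ns*.tmp, скорее всего, меняются от запуска к запуску, а www.google.com — легитимный домен и сам по себе индикатором не является.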
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'bparse' = '%APPDATA%\Roaming\WinKun\winkun.exe'
- '%APPDATA%\Roaming\WinKun\winkun.exe'
- '<SYSTEM32>\taskkill.exe' /f /t /im winkun.exe
- %TEMP%\nsq8FE2.tmp\splash.bmp
- %TEMP%\nsa8FE1.tmp
- %APPDATA%\Roaming\WinKun\winkun.exe
- %TEMP%\nsq8FE2.tmp\ebb.dll
- %APPDATA%\Roaming\1.bat
- %TEMP%\nsq8FE2.tmp\splash.dll
- %TEMP%\nsv1B4F.tmp\ebb.dll
- %TEMP%\nsv1B4F.tmp\splash.dll
- %TEMP%\nsv1B4F.tmp\splash.bmp
- %TEMP%\nsp1B2E.tmp
- %TEMP%\15 - Blood Reign (feat. Diamondback, Louis Logic, and B.A. Barakus).mp3
- %TEMP%\awjdkawl91uiaowjk1
- %TEMP%\bbbseal1.gif
- %TEMP%\nsq8FE2.tmp\ebb.dll
- %TEMP%\nsq8FE2.tmp\splash.bmp
- %TEMP%\nsq8FE2.tmp\splash.dll
- %TEMP%\nsv1B4F.tmp\ebb.dll
- %TEMP%\nsv1B4F.tmp\splash.bmp
- %TEMP%\nsv1B4F.tmp\splash.dll
- DNS ASK dn#.##ftncsi.com
- DNS ASK www.google.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: ''