Техническая информация
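- Запись автозапуска (программа запускается при каждом входе пользователя в систему; имя параметра в переводе с китайского — примерно «управляемая сторона удалённого управления»): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '梦召远控被控端' = '"%PROGRAM_FILES%\MZYCKZ-BKD\MZYCKZ-BKD.exe"'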
- '%WINDIR%\regedit.exe' -s MZYCKZ-BKD.reg (ключ -s — «тихий» импорт .reg-файла в реестр, без диалога подтверждения)
- C:\MZYCKZ-BKD.reg
- C:\MZYCKZ-BKD.bat
- C:\MZYCKZ-BKD.reg
- ClassName: 'RegEdit_RegEdit' WindowName: '' (класс главного окна редактора реестра regedit.exe)
- ClassName: 'EDIT' WindowName: ''