Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{3RCN870Y-W5C1-688R-X7W0-37U8YQ30UXS8}] 'StubPath' = '"%APPDATA%\Install\Host.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'system' = '%APPDATA%\Install\Host.exe'
- '%APPDATA%\Install\Host.exe' "<Полный путь к вирусу>"
- %APPDATA%\Install\.Identifier
- %APPDATA%\Install\Host.exe
- %APPDATA%\Install\.Identifier
- 'lo###.#ackermind.info':3360
- DNS ASK lo###.#ackermind.info
- ClassName: 'Indicator' WindowName: ''