Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{C45OW8A6-6AD8-15V5-W473-50608LKL18QS}] 'StubPath' = 'c:\dir\install\install\server.exe Restart'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Policies' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Policies' = ''
- '%TEMP%\Wolfteam Rain Hack Crack v3.exe'
- 'C:\dir\install\install\server.exe'
- %TEMP%\XxX.xXx
- %TEMP%\UuU.uUu
- %TEMP%\Wolfteam Rain Hack Crack v3.exe
- %APPDATA%\Roaming\logs.dat
- %APPDATA%\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3525224950-2885160813-905547259-1000\88603cb2913a7df3fbd16b5f958e6447_fdaad129-04df-4089-bb80-174ce725f721
- C:\dir\install\install\server.exe
- %TEMP%\XX--XX--XX.txt
- %APPDATA%\Roaming\logs.dat
- %TEMP%\XxX.xXx
- %TEMP%\UuU.uUu
- %TEMP%\XX--XX--XX.txt
- 'yu####502.no-ip.org':82
- 'yu####502.no-ip.org':80
- DNS ASK dn#.##ftncsi.com
- DNS ASK yu####502.no-ip.org
- ClassName: 'OleMainThreadWndClass' WindowName: '(null)'
- ClassName: 'InstItClass' WindowName: '(null)'