Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '<SYSTEM32>\explorer.exe'
- '%TEMP%\sarasteel test.exe'
- '<SYSTEM32>\explorer.exe' ONCE
- firefox.exe
- %TEMP%\sarasteel test.exe
- <SYSTEM32>\explorer.exe
- 'ar####07.no-ip.biz':1604
- DNS ASK au######on.whatismyip.com
- DNS ASK wp#d
- DNS ASK ar####07.no-ip.biz
- ClassName: 'Indicator' WindowName: ''