Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '8EE60039' = '%APPDATA%\8EE60039\bin.exe'
- '%WINDIR%\explorer.exe'
- <SYSTEM32>\cscript.exe
- %APPDATA%\8EE60039\bin.exe
- %APPDATA%\8EE60039\log.dat
- 'nj#####92yrjd7394.cc':80
- http://nj#####92yrjd7394.cc/el3h9sd5f3hgv3it/
- DNS ASK nj#####92yrjd7394.cc
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''