Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'NewHome' = '"<Полный путь к вирусу>"'
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a}" /v "Version" /t REG_SZ /d "*" /f
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" /v "Version" /t REG_SZ /d "*" /f
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" /v "Flags" /t REG_DWORD /d 1 /f
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "NewHome" /t REG_SZ /d "\"<Полный путь к вирусу>\"" /f
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a}" /v "Flags" /t REG_DWORD /d 1 /f
- %TEMP%\NH46D71D.ini
- %TEMP%\NH9FA94A.ini
- %TEMP%\NHA0BA8D.ini
- %TEMP%\NH46D71D.ini
- %TEMP%\NH9FA94A.ini
- %TEMP%\NHA0BA8D.ini
- ClassName: 'Indicator' WindowName: ''