Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'A9915933' = '%APPDATA%\A9915933\bin.exe'
- '%WINDIR%\explorer.exe'
- <SYSTEM32>\cscript.exe
- %APPDATA%\A9915933\bin.exe
- %APPDATA%\A9915933\log.dat
- 'mp###xuvifuu.pw':80
- http://mp###xuvifuu.pw/q5RKMMsBY2/
- DNS ASK mp###xuvifuu.pw
- ClassName: 'Indicator' WindowName: ''