Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MalwareBot' = '<Текущая директория>\MalwareBot.exe -boot'
- %WINDIR%\Tasks\MalwareBot Scheduled Scan.job
- %TEMP%\~DFC0F8.tmp
- %APPDATA%\MalwareBot\Log\2016 May 25 - 12_08_03 PM_875.log
- 'sp#####db3.2squared.com':80
- http://sp#####db3.2squared.com/update/info
- DNS ASK sp#####db3.2squared.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''