Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'kasky' = '"%ALLUSERSPROFILE%\Application Data\kasky\main.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\system-155390] 'ImagePath' = '%ALLUSERSPROFILE%\Application Data\kasky\main.exe'
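- [<HKLM>\SYSTEM\ControlSet001\Services\system-155390] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы; вместе с записью в ключе Run это второй механизм закрепления того же файла main.exe)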
- '<SYSTEM32>\svchost.exe'
- '%ALLUSERSPROFILE%\Application Data\kasky\main.exe'
- '%TEMP%\7z1D8A5B40\VPDN_LU.exe'
- <SYSTEM32>\svchost.exe
- %ALLUSERSPROFILE%\Application Data\kasky\config.ini
- %ALLUSERSPROFILE%\Application Data\kasky\log.log
- %TEMP%\7z1D8A5B40\navlu.dll
- %TEMP%\7z1D8A5B40\navlu.dll.url
- %TEMP%\7z1D8A5B40\VPDN_LU.exe
- %TEMP%\7z1D8A5B40\navlu.dll.url в %ALLUSERSPROFILE%\Application Data\kasky\navlu.dll.url
- %TEMP%\7z1D8A5B40\navlu.dll в %ALLUSERSPROFILE%\Application Data\kasky\navlu.dll
- %TEMP%\7z1D8A5B40\VPDN_LU.exe в %ALLUSERSPROFILE%\Application Data\kasky\main.exe
- '<L####NET>.1.237':443
- ClassName: 'Indicator' WindowName: ''