Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'smss' = '<LS_APPDATA>\smss\MyFile.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'smss' = '\smss\MyFile.exe'
- %APPDATA%\Imminent\Path.dat
- %APPDATA%\Imminent\Logs\20-08-2016
- C:\smss\MyFile.exe
- <LS_APPDATA>\smss\MyFile.exe
- '1.###.36.101':5009
- ClassName: 'Indicator' WindowName: ''