Техническая информация
- [<HKLM>\SOFTWARE\Classes\PSP\shell\open\command] '' = '"%ALLUSERSPROFILE%\Application Data\" --startexe "%1"'
- [<HKLM>\SOFTWARE\Classes\.exe] '' = 'PSP'
- [<HKLM>\SOFTWARE\Classes\PSP\shell\open\command] '' = '"%ALLUSERSPROFILE%\Application Data\WQDjVX7N.pspro" --startexe "%1"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WQDjVX7N.pspro' = '%ALLUSERSPROFILE%\Application Data\WQDjVX7N.pspro --run'
- %ALLUSERSPROFILE%\Application Data\WQDjVX7N.pspro --run --delete "<Полный путь к вирусу>"
- %ALLUSERSPROFILE%\Application Data\WQDjVX7N.pspro
- '18#.#2.234.26':80
- 18#.#2.234.26/api/stats/install/1.0.0.326/01601
- 18#.#2.234.26/api/stats/debug/1.0.0.326/1/01601
- 18#.#2.234.26/api/stats/debug/1.0.0.326/2/01601
- 18#.#2.234.26/api/stats/debug/1.0.0.326/3/01601
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''