Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '8fb21ee7a2207526da55a679f0332de2' = '%ALLUSERSPROFILE%\Application Data\Important.exe'
- [<HKCU>\Software\IMVU\username]
- %ALLUSERSPROFILE%\Application Data\CRNJEUFU_9_11_10_28_1.png
- %ALLUSERSPROFILE%\Application Data\Important.exe
- %TEMP%\svhost.exe
- 'mo#####ssing.website':80
- 'wp#d':80
- http://mo#####ssing.website/keybase_panel/post.php?ty###########################################################
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK mo#####ssing.website
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''