Техническая информация
Записи автозапуска в ключах Run реестра. Имя параметра 'Desktop Window Manager' совпадает с названием системного компонента Windows, однако указанные исполняемые файлы расположены в %APPDATA%, а не в системном каталоге:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Desktop Window Manager' = '%APPDATA%\Install\repair.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Desktop Window Manager' = '%APPDATA%\Install\repair.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Desktop Window Manager' = '%APPDATA%\dwm\sysmon.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Desktop Window Manager' = '%APPDATA%\dwm\sysmon.exe'
- '%APPDATA%\Install\repair.exe'
- '%APPDATA%\Install\repair.exe'
- '%APPDATA%\dwm\sysmon.exe'
- %APPDATA%\Install\.Identifier
- %APPDATA%\Install\repair.exe
- %APPDATA%\dwm\sysmon.exe
- %APPDATA%\Install\.Identifier
- %APPDATA%\dwm\sysmon.exe
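Сетевая активность (часть имени узла в источнике скрыта символами #; домен sytes.net относится к сервисам динамического DNS):
- 'sy####.sytes.net':3360
- DNS ASK sy####.sytes.net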