Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\aMIXWdMdPUNC.lnk
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe'
- '%APPDATA%\TJUC.exe' "%APPDATA%\TJUCW.au3"
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
- %APPDATA%\TJUC.exe
- %APPDATA%\TJUCW.au3
- %TEMP%\aut1.tmp
- %TEMP%\kmhwpwd
- %HOMEPATH%\TuorVrRcu5SLy1dt\TJUCW.au3
- %HOMEPATH%\TuorVrRcu5SLy1dt\TJUC.exe
- %TEMP%\kmhwpwd
- %TEMP%\aut1.tmp
- %APPDATA%\TJUC.exe в %HOMEPATH%\TuorVrRcu5SLy1dt\TJUC.exe
- %APPDATA%\TJUCW.au3 в %HOMEPATH%\TuorVrRcu5SLy1dt\TJUCW.au3
- 'ap#.#pify.org':80
- 'do####.droppedpool.xyz':7331
- 'ip##pi.com':80
- 'fr###eoip.net':80
- http://ap#.#pify.org/
- http://fr###eoip.net/xml/
- http://ip##pi.com/json/
- DNS ASK ap#.#pify.org
- DNS ASK do####.droppedpool.xyz
- DNS ASK ip##pi.com
- DNS ASK fr###eoip.net
- ClassName: 'Shell_TrayWnd' WindowName: ''