Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'adobe_System_App' = '<SYSTEM32>\Toolkit.exe'
- [<HKCU>\Software\Microsoft\Internet Account Manager]
- [<HKCU>\Software\Microsoft\Internet Account Manager\Accounts]
- <SYSTEM32>\Toolkit.exe
- %TEMP%\~DF9DBE.tmp
- 'sm##.gmail.com':465
- 'ft#.##oaaqhyywe.com':21
- DNS ASK sm##.gmail.com
- DNS ASK ft#.##oaaqhyywe.com
- ClassName: 'Shell_TrayWnd' WindowName: ''