Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SetUp' = 'C:\system32\devicexp.exe'
- <SYSTEM32>\regsvr32.exe /s MSWINSCK.ocx
- %WINDIR%\regedit.exe /s c:\reg.reg
- C:\reg.reg
- <SYSTEM32>\devicexp.exe
- 'any':0
- 'ir#.#pera.com':6667
- DNS ASK ir#.#pera.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''