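Техническая информация
Заголовки разделов в этом фрагменте, по-видимому, не сохранились: ниже без разделения идут параметр реестра, пути к файлам, сетевой адрес с DNS-запросом и пары ClassName/WindowName окон (среди них окна отладчиков и утилит мониторинга: OllyDbg, WinDbg, Syser, Process Monitor, Spy++). Повторяющиеся пути, вероятно, относятся к разным разделам исходного отчёта.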
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'Start' = '00000002'
- %TEMP%\65600.exe
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: 'ollydbg' WindowName: ''
- %TEMP%\129515.gho
- %TEMP%\65600.exe
- %TEMP%\65600
- <SYSTEM32>\config\SysEvent.Evt
- %TEMP%\65600.exe
- <SYSTEM32>\config\AppEvent.Evt
- <SYSTEM32>\config\SecEvent.Evt
- 'hg####ng.3322.org':9231
- DNS ASK hg####ng.3322.org
- ClassName: '18467-41' WindowName: ''
- ClassName: 'SoftSnoopMainDialog' WindowName: ''
- ClassName: '' WindowName: 'APIScan'
- ClassName: 'ThunderRT6Form' WindowName: ''
- ClassName: '' WindowName: 'QuickUnpack v2.1'
- ClassName: '' WindowName: 'RL!dePacker - Generic Unpacker'
- ClassName: 'WinDbgFrameClass' WindowName: ''
- ClassName: '' WindowName: 'Syser : Active Hotkey [Ctrl+F12]'
- ClassName: '' WindowName: 'Syser Debugger - Win32 User Mode Debugger'
- ClassName: '' WindowName: 'Raglstry Moniter - Sysexternals: www.sysexternals.com'
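- ClassName: '' WindowName: '????????'
- ClassName: '' WindowName: 'Microsoft Spy++ - [???? 1]'
  (знаки «?» в двух последних заголовках, по-видимому, стоят на месте не-ASCII символов, утраченных при перекодировке; исходный текст заголовков по этой странице восстановить нельзя, поэтому использовать эти строки для точного сопоставления не следует)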