Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'configuration' = '%WINDIR%\configuration\configuration.exe'
- %WINDIR%\CIDD_P\lsass.exe
- %WINDIR%\explorer.exe <Текущая директория>\<Имя вируса>
- %WINDIR%\CIDD_P\41646D696E6973747261746F72\nam.dll
- %WINDIR%\configuration\configuration.exe
- %WINDIR%\CIDD_P\lsass.exe
- %WINDIR%\CIDD_P\41646D696E6973747261746F72\br.dll
- %WINDIR%\CIDD_P\41646D696E6973747261746F72\br.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''