Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Irritated History] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Irritated History] 'ImagePath' = '%APPDATA%\Irritated History\Irritated History.exe'
- %APPDATA%\irritated history\irritated history.exe
- %ALLUSERSPROFILE%\application data\{392493ff-79bc-d388-3924-493ff79b4ffd}\<Имя файла>.exe
- %APPDATA%\irritated history\fba00.dat
- DNS ASK pa###tmodel.biz
- DNS ASK fi####usapro.info
- DNS ASK mo###odel.biz
- '%APPDATA%\irritated history\irritated history.exe'