Техническая информация
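- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '<SYSTEM32>\winlogom.exe' (автозапуск: программа, указанная в параметре 'load', запускается при входе пользователя в систему)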
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\video[1].zip
- C:\waaa.zip
- <SYSTEM32>\winlogom.exe (имя отличается от системного winlogon.exe одной буквой)
- 'oi##or2.com':80
- 'localhost':1035
- oi##or2.com/images/file/video.zip
- DNS ASK oi##or2.com
- ClassName: 'Shell_TrayWnd' WindowName: ''