Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'яяяяяяяяя' = '<Virus name>.exe'
- '<SYSTEM32>\<Virus name>.exe'
- <SYSTEM32>\<Virus name>.exe
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'RavMonClass' WindowName: 'RavMon.exe'