Техническая информация
Записи автозапуска в реестре (значение 'sys32' в ветке Run текущего пользователя):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'sys32' = '%APPDATA%\system\sysinfo'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'sys32' = '\system\sysinfo'
Процессы и командные строки:
- '%TEMP%\file187100\file187100.exe'
- '%APPDATA%\file187100.exe'
- '<SYSTEM32>\ping.exe' 1.1.1.1 -n 1 -w 1000
- '<SYSTEM32>\taskmgr.exe'
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 600
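- '<SYSTEM32>\cmd.exe' /C ping 1.1.1.1 -n 1 -w 1000 > Nul & Del "%APPDATA%\file187100.exe" (после вызова ping удаляется файл %APPDATA%\file187100.exe; ping здесь, по-видимому, служит задержкой)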
Пути в файловой системе:
- %APPDATA%\Imminent\Logs\24-11-2017
- %APPDATA%\system\sysinfo
- %APPDATA%\Imminent\Path.dat
- %APPDATA%\Imminent\Monitoring\network.dat
- %APPDATA%\Imminent\Monitoring\system.dat
- %APPDATA%\file375798.exe
- %APPDATA%\file187100.exe
- %TEMP%\dw.log
- C:\system\sysinfo
- %TEMP%\39EB2.dmp
- %TEMP%\file187100\file187100.exe
- %APPDATA%\file187100.exe
- '19#.96.6.55':3145 (сетевой адрес и порт; один символ адреса заменён на «#»)
- ClassName: '' WindowName: 'Windows Task Manager'