Техническая информация
- Запись автозапуска в ключе реестра Run: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VFXGNxv++pP' = '<LS_APPDATA>\Microsoft\Windows\qtiutxc.exe'
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\QWRsN2srdjlxUUdDYVp0aTBMUzl2K2V1bUJ2Y3lWWnRoTEdaQ3hicVRtUVNNRWpjL3lObGEyMENLVG9QcGdBbGxSUldNNDloaW9UZlZaOVErRDdmNnpSM1dhUXJleUt2ZWQ1ajNINm5jRG9PV1k4VkE5NV[1]
- %TEMP%\kekjqaftb.tmp
- <LS_APPDATA>\Microsoft\Windows\qtiutxc.exe
- %TEMP%\kekjqaftb.tmp
- Узел и порт: 'to#####knetwork.in.net':80
- to#####knetwork.in.net/QWRsN2srdjlxUUdDYVp0aTBMUzl2K2V1bUJ2Y3lWWnRoTEdaQ3hicVRtUVNNRWpjL3lObGEyMENLVG9QcGdBbGxSUldNNDloaW9UZlZaOVErRDdmNnpSM1dhUXJleUt2ZWQ1ajNINm5jRG9PV1k4VkE5NVI4b3g5
- to#####knetwork.in.net/
- DNS-запрос (DNS ASK): to#####knetwork.in.net
- Окно: ClassName: 'Indicator' WindowName: '(null)'