Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ABC] 'Start' = '00000002' (значение 2 соответствует автоматическому запуску службы при загрузке системы)
- '%ALLUSERSPROFILE%\DRM\ABC\m.exe'
- '%TEMP%\m.exe'
- '<SYSTEM32>\msiexec.exe'
- '<SYSTEM32>\svchost.exe'
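- <SYSTEM32>\msiexec.exe
- <SYSTEM32>\svchost.exe
  (msiexec.exe и svchost.exe — штатные системные файлы Windows; само их наличие не является индикатором компрометации, значение имеет контекст: их появление вместе с перечисленными здесь файлами и службой ABC)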
- %ALLUSERSPROFILE%\DRM\ABC\msi.dyload
- %ALLUSERSPROFILE%\DRM\ABC\m.exe
- %ALLUSERSPROFILE%\DRM\ABC\nqjyxudknzugmahddt
- %ALLUSERSPROFILE%\DRM\ABC\msi.dll
- %TEMP%\m.exe
- %TEMP%\msi.dll
- %TEMP%\msi.dyload
- %ALLUSERSPROFILE%\DRM\ABC\m.exe
- %ALLUSERSPROFILE%\DRM\ABC\msi.dyload
- %ALLUSERSPROFILE%\DRM\ABC\msi.dll
- %TEMP%\m.exe
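- 'ca####.zues.info':8080
- 'ca####.bacguarp.com':8080
  (символы «####», по-видимому, заменяют скрытую в описании часть имени узла, поэтому сопоставлять эти адреса можно только по известной части имени и порту 8080)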
- DNS ASK ca####.zues.info
- DNS ASK ca####.bacguarp.com
- 'ca####.zues.info':8080
- 'ca####.bacguarp.com':8080
- ClassName: 'IEFrame' WindowName: ''