Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'msdb203c5c7.exe' = '"%APPDATA%\Roaming\Microsoft\msdb203c5c7.exe"'
- <SYSTEM32>\taskhost.exe
- %TEMP%\67357~.bat
- %APPDATA%\Roaming\Microsoft\msdb203c5c7.exe
- %TEMP%\~DFAFD610A8AEEEA33B.TMP
- %TEMP%\22b7288~
- %TEMP%\22b7288~
- %TEMP%\~DFAFD610A8AEEEA33B.TMP
- '10#.#28.200.37':8080
- '10#.#45.153.70':8080
- '16#.#44.88.73':8080
- '15#.#55.238.18':8080
- '10#.#28.200.47':8080
- '20#.44.54.3':8080
- '20#.#59.128.6':8080
- '15#.#55.238.209':8080
- '16#.#44.35.78':8080
- '19#.#5.182.110':8080
- '19#.#.122.176':8080
- '88.##8.228.111':8080
- '20#.#59.128.132':8080
- '11#.#9.124.163':8080
- ClassName: 'Indicator' WindowName: ''