Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Diagnostic Block PNRP Player' = 'C:\liisqgnuycko\zxhjvaserxyi.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Management Credential Publication] 'ImagePath' = 'C:\liisqgnuycko\zxhjvaserxyi.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Management Credential Publication] 'Start' = '00000002' (значение 2 — служба запускается автоматически при загрузке системы)
- 'C:\liisqgnuycko\issuntnovcfg.exe' "c:\liisqgnuycko\zxhjvaserxyi.exe"
- 'C:\liisqgnuycko\zxhjvaserxyi.exe'
- 'C:\liisqgnuycko\wp3kk1qcnoahz1lzt.exe'
- C:\liisqgnuycko\zxhjvaserxyi.exe
- C:\liisqgnuycko\issuntnovcfg.exe
- C:\liisqgnuycko\d5taet
- %WINDIR%\liisqgnuycko\wq4gxe
- C:\liisqgnuycko\wq4gxe
- C:\liisqgnuycko\wp3kk1qcnoahz1lzt.exe
- C:\liisqgnuycko\issuntnovcfg.exe
- C:\liisqgnuycko\zxhjvaserxyi.exe
- C:\liisqgnuycko\wp3kk1qcnoahz1lzt.exe
- %WINDIR%\liisqgnuycko\wq4gxe
- %WINDIR%\liisqgnuycko\wq4gxe
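- '11#.#6.137.96':49919 (здесь и в адресах ниже символ #, по-видимому, стоит на месте скрытых цифр; адреса приведены не полностью)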
- '20#.#23.152.97':27682
- '79.##7.196.121':45688
- '18#.#23.70.113':37727
- '5.##.147.5':26337
- '31.##7.83.237':44843
- '94.##1.114.138':44254
- '20#.#36.131.186':52293
- '74.#5.64.25':22739
- '10#.#24.230.242':49777
- '18#.#31.193.123':28122
- ClassName: 'Shell_TrayWnd' WindowName: ''