Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Endpoint KtmRm SPP Coordinator Modules' = 'C:\tozdyfsfsfyxpw\wvepcvxgzm.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinHTTP Debugger IPsec Proxy WMI Smart] 'ImagePath' = 'C:\tozdyfsfsfyxpw\wvepcvxgzm.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinHTTP Debugger IPsec Proxy WMI Smart] 'Start' = '00000002'
- 'C:\tozdyfsfsfyxpw\uuoabhvfpkx.exe' "c:\tozdyfsfsfyxpw\wvepcvxgzm.exe"
- 'C:\tozdyfsfsfyxpw\wvepcvxgzm.exe'
- 'C:\tozdyfsfsfyxpw\sr2j6jpe2ruo87vc.exe'
- C:\tozdyfsfsfyxpw\wvepcvxgzm.exe
- C:\tozdyfsfsfyxpw\uuoabhvfpkx.exe
- C:\tozdyfsfsfyxpw\h3wncezjczhd
- %WINDIR%\tozdyfsfsfyxpw\b0sqevj2liok
- C:\tozdyfsfsfyxpw\b0sqevj2liok
- C:\tozdyfsfsfyxpw\sr2j6jpe2ruo87vc.exe
- C:\tozdyfsfsfyxpw\uuoabhvfpkx.exe
- C:\tozdyfsfsfyxpw\wvepcvxgzm.exe
- C:\tozdyfsfsfyxpw\sr2j6jpe2ruo87vc.exe
- %WINDIR%\tozdyfsfsfyxpw\b0sqevj2liok
- %WINDIR%\tozdyfsfsfyxpw\b0sqevj2liok
- '41.#6.20.41':48405
- '18#.#07.197.116':24498
- '80.##1.86.158':33631
- '10#.#46.77.146':33927
- '20#.#70.207.211':37727
- '11#.#6.137.96':49919
- '79.##5.10.236':21201
- '17#.#50.138.208':20422
- ClassName: 'Shell_TrayWnd' WindowName: ''