Техническая информация
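Автозапуск (значения в ключах реестра Run):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Update' = '%APPDATA%\1lV0v14BP.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Update' = '%APPDATA%\1lV0v14BP.exe'
Файлы и процессы (в этой копии страницы не указано, какое действие относится к каждой записи):
- %APPDATA%\1lV0v14BP.exe
- %WINDIR%\Explorer.EXE
- %APPDATA%\1lV0v14BP.exe
- %APPDATA%\1lV0v14BP.exe
Сетевая активность (порт 6667 обычно используется протоколом IRC):
- 'th###.no-ip.info':6667
- DNS ASK th###.no-ip.info
Окна (имя класса и заголовок окна; действие в этой копии страницы не указано):
- ClassName: 'nkhjnk' WindowName: 'nkhjnk'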
- ClassName: 'kfeejgdac' WindowName: 'kfeejgdac'
- ClassName: 'cYYdlifchebX' WindowName: 'cYYdlifchebX'
- ClassName: 'jgdfjgdacYhe' WindowName: 'jgdfjgdacYhe'
- ClassName: 'lgffkhebeb' WindowName: 'lgffkhebeb'
- ClassName: 'JGFKQPNK' WindowName: 'JGFKQPNK'
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'jgffi' WindowName: 'jgffi'
- ClassName: 'vqppsro' WindowName: 'vqppsro'
- ClassName: 'ebYbLKH' WindowName: 'ebYbLKH'
- ClassName: 'olllqnkh' WindowName: 'olllqnkh'
- ClassName: 'zuttwt' WindowName: 'zuttwt'
- ClassName: 'daXlqnkhif' WindowName: 'daXlqnkhif'
- ClassName: 'KHEFIFCzByvsr' WindowName: 'KHEFIFCzByvsr'
- ClassName: 'IFEHP' WindowName: 'IFEHP'
- ClassName: 'CxwyEByvA' WindowName: 'CxwyEByvA'
- ClassName: 'EDBFNMJGJG' WindowName: 'EDBFNMJGJG'
- ClassName: 'qlkmspmjnkhe' WindowName: 'qlkmspmjnkhe'
- ClassName: 'cYbdjihehe' WindowName: 'cYbdjihehe'