Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Nationalqpq] 'Start' = '00000002'
- <SYSTEM32>\jwzvwy.exe
- C:\їА·щ.exe
- C:\Б»єсpc+°Л»з+zbpc_check.exe
- <SYSTEM32>\findstr.exe ":8080 :8000" %TEMP%\zbcheck.txt
- <SYSTEM32>\netstat.exe -b
- <SYSTEM32>\cmd.exe /c ""%TEMP%\2.tmp\zbpc check.cmd""
- <SYSTEM32>\jwzvwy.exe
- %TEMP%\zbcheck.txt
- %TEMP%\2.tmp\zbpc check.cmd
- C:\Б»єсpc+°Л»з+zbpc_check.exe
- C:\їА·щ.exe
- '21#.#08.18.121':8080