Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\COMSysApp] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SENS] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SENS\Parameters] 'ServiceDll' = '"%ALLUSERSPROFILE%\Application Data\wharjjmqwe.dat"'
- <SYSTEM32>\net1.exe start SENS
- <SYSTEM32>\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
- <SYSTEM32>\net1.exe start COMSysApp
- %TEMP%\12321312020.tmp
- %WINDIR%\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{F64E3219-F09B-4262-98C4-A8C68C11B0DA}.crmlog
- %ALLUSERSPROFILE%\Application Data\wharjjmqwe.dat
- %ALLUSERSPROFILE%\Documents\ewqmjjrahw.dat
- %ALLUSERSPROFILE%\Documents\ewqmjjrahw.dat
- %ALLUSERSPROFILE%\Application Data\wharjjmqwe.dat
- %TEMP%\12321312020.tmp
- %WINDIR%\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{E58DFEED-FD87-424D-B178-3D81F95917DF}.crmlog