Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Recycle Utility' = '%APPDATA%\lsass.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Firewall' = '%APPDATA%\lsass.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Windows Automatic Update' = '%APPDATA%\lsass.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Windows Desktop' = '%APPDATA%\lsass.exe'
- %APPDATA%\lsass.exe
- Drwebupw.exe
- smc.exe
- fsav32.exe
- outpost.exe
- ekrn.exe
- AVP.EXE
- bdagent.exe
- zlclient.exe
- %APPDATA%\lsass.exe
- %APPDATA%\lsass.exe
- 'oh##.###vegotshemale.info':7777
- DNS ASK oh##.###vegotshemale.info
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Indicator' WindowName: ''