Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'hn7e6068' = '<SYSTEM32>\LKIMLBKIFBHJ[LLGGBGHM[M\hn7e6068.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe] 'Debugger' = '<SYSTEM32>\LKIMLBKIFBHJ[LLGGBGHM[M\hn7e6068.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'hn7e6068' = '<SYSTEM32>\LKIMLBKIFBHJ[LLGGBGHM[M.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe] 'Debugger' = '<SYSTEM32>\LKIMLBKIFBHJ[LLGGBGHM[M\services.exe'
- <SYSTEM32>\LKIMLBKIFBHJ[LLGGBGHM[M\hn7e6068.exe
- <SYSTEM32>\YXVZYOXVSOUW[YYTTOTUZ[Z\mirror.exe
- <SYSTEM32>\YXVZYOXVSOUW[YYTTOTUZ[Z\netdhcp.exe
- <SYSTEM32>\YXVZYOXVSOUW[YYTTOTUZ[Z\servicess.exe
- <SYSTEM32>\YXVZYOXVSOUW[YYTTOTUZ[Z\scservice.exe
- <SYSTEM32>\LKIMLBKIFBHJ[LLGGBGHM[M\hn7e6068.exe
- <SYSTEM32>\YXVZYOXVSOUW[YYTTOTUZ[Z\mirror.exe
- <SYSTEM32>\YXVZYOXVSOUW[YYTTOTUZ[Z\netdhcp.exe
- <SYSTEM32>\YXVZYOXVSOUW[YYTTOTUZ[Z\servicess.exe
- <SYSTEM32>\YXVZYOXVSOUW[YYTTOTUZ[Z\scservice.exe
- <SYSTEM32>\LKIMLBKIFBHJ[LLGGBGHM[M\hn7e6068.exe
- 'cn#.##berdrill.my':80
- cn#.##berdrill.my/gerudi/update.txt?ho###########################
- DNS ASK cn#.##berdrill.my