Техническая информация
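- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'fhhwpgvt' = '"%APPDATA%\Microsoft\Lzapnmnm\lzapnmnm.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'CTFMON.EXE' = '"%APPDATA%\Microsoft\Lzapnmnm\lzapnmnm.exe" /c <SYSTEM32>\ctfmon.exe'
  (Оба параметра автозапуска указывают на один и тот же исполняемый файл в %APPDATA%. Второй параметр назван 'CTFMON.EXE', как системный компонент, поэтому при проверке ключа Run нужно смотреть на путь в значении, а не на имя параметра.)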
- [<HKLM>\SYSTEM\ControlSet001\Services\zofiphhe] 'Start' = '00000002'
  (Значение Start = 2 соответствует автоматическому запуску службы при загрузке системы.)
- '%APPDATA%\Microsoft\Lzapnmnm\lzapnmnm.exe'
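- '<SYSTEM32>\ping.exe' -n 10 localhost
  (Запуск ping с десятью запросами к localhost обычно служит паузой в выполнении, а не сетевой проверкой. Вероятно, так и здесь.)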
- %WINDIR%\Explorer.EXE
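- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '2500' = '00000003'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2500' = '00000003'
  (Параметр 2500 управляет защищённым режимом Internet Explorer, значение 3 его отключает. Зона 3 — «Интернет», зона 2 — «Надёжные узлы». После очистки системы эти значения нужно вернуть к заданным политикой.)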
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js
- %APPDATA%\Microsoft\Lzapnmnm\lzapnmnm32.dll
- %APPDATA%\Microsoft\Lzapnmnm\lzapnmnm.exe
- %APPDATA%\Microsoft\Lzapnmnm\lzapnmn.dll
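- '20#.#6.232.182':80
- '74.##5.232.51':80
- 20#.#6.232.182/
- 74.##5.232.51/
- DNS ASK vi######sset.edgesuite.net
- DNS ASK www.ip###ress.com
  (Символы '#' в адресах и именах узлов, по-видимому, маскируют часть значения. Полные значения на странице не приведены, поэтому эти строки нельзя использовать как точные сетевые индикаторы без сверки с первоисточником.)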
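- DNS ASK google.com
- DNS ASK microsoft.com
  (Запросы к google.com и microsoft.com сами по себе не являются признаком заражения. Вероятно, это проверка доступности сети, и строить на них правила обнаружения не следует.)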
- ClassName: 'lzapnmnm' WindowName: 'lzapnmnm'
- ClassName: 'Indicator' WindowName: ''