Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Windows Name Keying Log Shadow] 'Start' = '00000002'
- 'C:\cvrvwkawpnrez\arecjsf.exe' "c:\cvrvwkawpnrez\pmwnyznjxkx.exe"
- 'C:\cvrvwkawpnrez\pmwnyznjxkx.exe'
- 'C:\cvrvwkawpnrez\ud8t9vbuglonim.exe'
- C:\cvrvwkawpnrez\pmwnyznjxkx.exe
- C:\cvrvwkawpnrez\arecjsf.exe
- C:\cvrvwkawpnrez\fkqwjxbbzw
- %WINDIR%\cvrvwkawpnrez\tmjyizeep
- C:\cvrvwkawpnrez\tmjyizeep
- C:\cvrvwkawpnrez\ud8t9vbuglonim.exe
- C:\cvrvwkawpnrez\arecjsf.exe
- C:\cvrvwkawpnrez\pmwnyznjxkx.exe
- C:\cvrvwkawpnrez\ud8t9vbuglonim.exe
- %WINDIR%\cvrvwkawpnrez\tmjyizeep
- DNS ASK th###found.net
- DNS ASK ch###found.net
- DNS ASK ch###spring.net
- DNS ASK ch####uccess.net
- DNS ASK th###spring.net
- DNS ASK be####success.net
- DNS ASK ri####success.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK be####banker.net
- DNS ASK ri####banker.net
- ClassName: 'Shell_TrayWnd' WindowName: ''