Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VFXGNxv++pP' = '<LS_APPDATA>\Microsoft\Windows\lmzhxlf.exe'
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\QWRsN2srdjlxUUdDYVp0aTBMUzl2K2V1bXh2MVJjS0EyLzdYeFJGMW9sNnRvK29kYmdxdFhFaC96TDQvQUVucnZ6K2hNWW12L3FUWFN3SDVSbU1ZVXg5elBycVg0Skt6TkdnUVJNVFdFcFJT[1]
- %TEMP%\jpwflaewm.tmp
- <LS_APPDATA>\Microsoft\Windows\lmzhxlf.exe
- %TEMP%\jpwflaewm.tmp
- '17#.#12.201.123':80
- 17#.#12.201.123/QWRsN2srdjlxUUdDYVp0aTBMUzl2K2V1bXh2MVJjS0EyLzdYeFJGMW9sNnRvK29kYmdxdFhFaC96TDQvQUVucnZ6K2hNWW12L3FUWFN3SDVSbU1ZVXg5elBycVg0Skt6TkdnUVJNVFdFcFJT
- 17#.#12.201.123/
- ClassName: 'Indicator' WindowName: '(null)'