Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'KMylxifzcndshMCfJurkyfQKqN' = '<SYSTEM32>\Bik_QebQQfthAz.exe'
- [<HKLM>\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\explorer.exe' = '%WINDIR%\explorer.exe:*:Enabled:KMylxifzcndshMCfJurkyfQKqN'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "%WINDIR%\explorer.exe"
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- '%WINDIR%\explorer.exe'
- %WINDIR%\explorer.exe
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\System Check.lnk
- <SYSTEM32>\Bik_QebQQfthAz.exe
- 'mi###nhils.in':80
- mi###nhils.in/kdfu/
- DNS ASK mi###nhils.in