Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\DFDVbdXEUVUJ.lnk
- '<SYSTEM32>\schtasks.exe' /create /sc onlogon /tn "Client Monitor" /rl highest /tr "'%ProgramFiles%\Client\client.exe' /startup" /f
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe'
- '%APPDATA%\TMIU.exe' "%APPDATA%\fCOAb"
- <SYSTEM32>\svchost.exe
- %APPDATA%\fCOAb
- %APPDATA%\TMIU.exe
- %ProgramFiles%\Client\client.exe.config
- %ProgramFiles%\Client\client.exe
- <Текущая директория>\TMIU.exe
- %TEMP%\aut1.tmp
- <Текущая директория>\fCOAb
- %TEMP%\aut2.tmp
- %HOMEPATH%\43LDRt7URYMbDh4V\TMIU.exe
- %HOMEPATH%\43LDRt7URYMbDh4V\fCOAb
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- %APPDATA%\TMIU.exe в %HOMEPATH%\43LDRt7URYMbDh4V\TMIU.exe
- %APPDATA%\fCOAb в %HOMEPATH%\43LDRt7URYMbDh4V\fCOAb
- 'os####jnd.ddns.net':5526
- DNS ASK os####jnd.ddns.net