Техническая информация
- Автозапуск (ключ реестра Run): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'abivobel' = '"%WINDIR%\yhkhuvoq.exe"'
- '%WINDIR%\explorer.exe'
- %WINDIR%\explorer.exe
- %ALLUSERSPROFILE%\Application Data\adozowysynewixil\02000000
- %ALLUSERSPROFILE%\Application Data\adozowysynewixil\00000000
- %ALLUSERSPROFILE%\Application Data\adozowysynewixil\01000000
- %WINDIR%\yhkhuvoq.exe
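- Сетевые адреса, порт 443 (символы «#» в именах узлов, по-видимому, скрывают часть имени, поэтому для точного сопоставления эти записи не подходят):
- 'pm#####r.jhyiogsaxz.org':443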
- 'oq###.#hyiogsaxz.org':443
- 'dn###.#hyiogsaxz.org':443
- 'yq#####.jhyiogsaxz.org':443
- 'if#####n.jhyiogsaxz.org':443
- 'wn#####.jhyiogsaxz.org':443
- 'uc######ew.jhyiogsaxz.org':443
- 'rr###.#hyiogsaxz.org':443
- DNS ASK pm#####r.jhyiogsaxz.org
- DNS ASK oq###.#hyiogsaxz.org
- DNS ASK dn###.#hyiogsaxz.org
- DNS ASK yq#####.jhyiogsaxz.org
- DNS ASK if#####n.jhyiogsaxz.org
- DNS ASK wn#####.jhyiogsaxz.org
- DNS ASK uc######ew.jhyiogsaxz.org
- DNS ASK rr###.#hyiogsaxz.org
- ClassName: 'Shell_TrayWnd' WindowName: ''