Техническая информация
- Запись в ключе автозапуска Run (указанный файл запускается при входе в систему): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Auto-Discovery Collector Accounts Controls' = 'C:\tuorxkgeks\xijltiudlco.exe'
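- Параметры службы Windows (ImagePath — путь к исполняемому файлу службы): [<HKLM>\SYSTEM\ControlSet001\Services\Counter Biometric Web Transaction Hardware WinHTTP] 'ImagePath' = 'C:\tuorxkgeks\xijltiudlco.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Counter Biometric Web Transaction Hardware WinHTTP] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)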
- 'C:\tuorxkgeks\qtzsssuc.exe' "c:\tuorxkgeks\xijltiudlco.exe"
- 'C:\tuorxkgeks\xijltiudlco.exe'
- 'C:\tuorxkgeks\l72tgcisrvfdfec.exe'
- C:\tuorxkgeks\xijltiudlco.exe
- C:\tuorxkgeks\qtzsssuc.exe
- C:\tuorxkgeks\srrfz1
- %WINDIR%\tuorxkgeks\tepkpocdw
- C:\tuorxkgeks\tepkpocdw
- C:\tuorxkgeks\l72tgcisrvfdfec.exe
- C:\tuorxkgeks\qtzsssuc.exe
- C:\tuorxkgeks\xijltiudlco.exe
- C:\tuorxkgeks\l72tgcisrvfdfec.exe
- %WINDIR%\tuorxkgeks\tepkpocdw
- %WINDIR%\tuorxkgeks\tepkpocdw
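- Сетевые адреса в формате 'IP':порт; символы «#», по-видимому, заменяют цифры, скрытые при публикации, поэтому записи ниже не являются полными адресами:
- '18#.#5.131.224':26337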
- '91.##.35.122':26126
- '78.##5.171.93':23699
- '18#.#0.223.209':25741
- '10#.#02.79.27':36272
- '86.##.69.232':41590
- '41.#6.20.41':48405
- '21#.#07.110.82':26314
- ClassName: 'Shell_TrayWnd' (класс окна панели задач Windows) WindowName: ''