Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Acquisition BitLocker Application Security VC' = 'C:\wrwcuooe\jzzudban.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Windows Secondary Registry Thread] 'ImagePath' = 'C:\wrwcuooe\jzzudban.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Windows Secondary Registry Thread] 'Start' = '00000002'
- 'C:\wrwcuooe\shaedvclmhr.exe' "c:\wrwcuooe\jzzudban.exe"
- 'C:\wrwcuooe\jzzudban.exe'
- 'C:\wrwcuooe\jdf2saoivpx8ht2l.exe'
- C:\wrwcuooe\jzzudban.exe
- C:\wrwcuooe\shaedvclmhr.exe
- C:\wrwcuooe\ulcnwpgh
- %WINDIR%\wrwcuooe\blfv1huykxgc
- C:\wrwcuooe\blfv1huykxgc
- C:\wrwcuooe\jdf2saoivpx8ht2l.exe
- C:\wrwcuooe\shaedvclmhr.exe
- C:\wrwcuooe\jzzudban.exe
- C:\wrwcuooe\jdf2saoivpx8ht2l.exe
- %WINDIR%\wrwcuooe\blfv1huykxgc
- %WINDIR%\wrwcuooe\blfv1huykxgc
- '20#.#70.207.211':37727
- '84.##2.194.230':27426
- '81.##4.87.112':37714
- '92.##7.78.237':47427
- '24.##9.216.168':33794
- '17#.#50.138.208':20422
- '95.##7.243.188':49038
- '70.##5.4.143':41500
- ClassName: 'Shell_TrayWnd' WindowName: ''