Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Workstation Shadow Device Identity Builder' = 'C:\fyqchonm\jefilgfeyec.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Card DNS IPsec Power Installer Time] 'ImagePath' = 'C:\fyqchonm\jefilgfeyec.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Card DNS IPsec Power Installer Time] 'Start' = '00000002'
- 'C:\fyqchonm\koouuxl.exe' "c:\fyqchonm\jefilgfeyec.exe"
- 'C:\fyqchonm\jefilgfeyec.exe'
- 'C:\fyqchonm\xx2g4qtocappkifkzgo.exe'
- C:\fyqchonm\jefilgfeyec.exe
- C:\fyqchonm\koouuxl.exe
- C:\fyqchonm\hskrulb
- %WINDIR%\fyqchonm\ngtkzn5xkhgd
- C:\fyqchonm\ngtkzn5xkhgd
- C:\fyqchonm\xx2g4qtocappkifkzgo.exe
- C:\fyqchonm\koouuxl.exe
- C:\fyqchonm\jefilgfeyec.exe
- C:\fyqchonm\xx2g4qtocappkifkzgo.exe
- %WINDIR%\fyqchonm\ngtkzn5xkhgd
- %WINDIR%\fyqchonm\ngtkzn5xkhgd
- '2.##.19.50':35833
- '19#.#54.74.242':31770
- '10#.#25.112.152':47507
- '88.##.203.114':40413
- '85.##.122.169':40540
- '17#.#50.138.208':20422
- '18#.#5.131.224':26337
- '79.##1.239.74':42581
- ClassName: 'Shell_TrayWnd' WindowName: ''