Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Reporting Accounts Fax Topology Access' = 'C:\cnospjbkymwqkq\rbjgoxtwcsw.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Connection User-mode Enumerator Update] 'ImagePath' = 'C:\cnospjbkymwqkq\rbjgoxtwcsw.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Connection User-mode Enumerator Update] 'Start' = '00000002'
- 'C:\cnospjbkymwqkq\xijezyljw.exe' "c:\cnospjbkymwqkq\rbjgoxtwcsw.exe"
- 'C:\cnospjbkymwqkq\rbjgoxtwcsw.exe'
- 'C:\cnospjbkymwqkq\fv2mqlpni92o4ceyj.exe'
- C:\cnospjbkymwqkq\rbjgoxtwcsw.exe
- C:\cnospjbkymwqkq\xijezyljw.exe
- C:\cnospjbkymwqkq\l7ysce4ajpr
- %WINDIR%\cnospjbkymwqkq\dcu9oa
- C:\cnospjbkymwqkq\dcu9oa
- C:\cnospjbkymwqkq\fv2mqlpni92o4ceyj.exe
- C:\cnospjbkymwqkq\xijezyljw.exe
- C:\cnospjbkymwqkq\rbjgoxtwcsw.exe
- C:\cnospjbkymwqkq\fv2mqlpni92o4ceyj.exe
- %WINDIR%\cnospjbkymwqkq\dcu9oa
- %WINDIR%\cnospjbkymwqkq\dcu9oa
- '19#.#47.86.10':25432
- '15#.#82.245.137':33982
- '71.##2.212.226':26466
- '10#.#56.58.121':45860
- '18#.#45.182.189':37331
- '10#.#67.38.149':20466
- '92.##7.78.237':47427
- '88.##.203.114':40413
- ClassName: 'Shell_TrayWnd' WindowName: ''