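Техническая информация
Ниже перечислены ключи реестра служб, командная строка процесса, пути к файлам и сетевой адрес с портом. Заголовки подразделов в этом фрагменте отсутствуют, поэтому характер действия (создание, изменение, запуск) для отдельных записей не указан. Значение 'Start' = '00000002' в ключе службы соответствует автоматическому запуску службы при загрузке системы.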
- [<HKLM>\SYSTEM\ControlSet001\Services\Nociazdyz] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\Wugilyresuw] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k Rukor
- <SYSTEM32>\NtProcDrv.sys
- %TEMP%\$qfe323f3e4.exe
- <SYSTEM32>\gdi32_2.dll
- <SYSTEM32>\Yntofuleqon.dll
- <SYSTEM32>\Yntofuleqonh.dll
- <SYSTEM32>\Ildiuzizuvz.dll
- <SYSTEM32>\NtProcDrv.sys
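- '21#.#75.77.196':30160 (адрес и порт; символы «#», по-видимому, заменяют скрытые в исходном отчёте цифры, поэтому запись нельзя использовать как точный IP-адрес для сопоставления)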