Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WZCSVCSys] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- '<SYSTEM32>\svchost.exe' -k netsvcs
- <SYSTEM32>\svchost.exe
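- %ALLUSERSPROFILE%\Application Data\Mozilla\svchost.exe (файл с именем системного процесса, расположенный вне каталога <SYSTEM32>, — признак маскировки; при проверке узла стоит сверять путь к образу процесса svchost.exe)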
- %ALLUSERSPROFILE%\Application Data\Mozilla\UV9FXlFbb1NfWVQPBg.bin
- %ALLUSERSPROFILE%\Application Data\Mozilla\svchost.exe
- %ALLUSERSPROFILE%\Application Data\Mozilla\UV9FXlFbb1NfWVQPBg.bin
- '21#.#70.117.88':80
- '93.##8.134.11':80
- '21#.#70.117.88':443
- '21#.#70.117.7':443
- 93.##8.134.11/yRkBTSPkLqsg6tkU54vSzpccxGm7qeHzoYBd2zVw6.Tx-VbNjNIPg6Rh/HlTfgoiEVEfezgBq.OE7wCv1sjlmDkVulKFPXs1wZo-6B7keV9YKmwGOsdsoVd3zX-YuLH7ioOA8dzOG.png
- 93.##8.134.11/JqaWYdxkxL6tCPw-xOUXHonfm3.8otR1D-PUMhVDz4JprknehoceC-Y/ydB60DVlywkf0WQyBDBbJJQb-asszlfjVenKoO7sQI.OoJUZM.php
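- DNS ASK yandex.ru (DNS-запрос; домен легитимен — вероятно, проверка подключения к сети, сам по себе индикатором компрометации не служит)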
- ClassName: 'Shell_TrayWnd' WindowName: ''