Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'zynIxoDNvv.exe' = '%APPDATA%\cEaZBizlpQqCvOLhDcUQ\cEaZBizlpQqCvOLhDcUQ\0.0.0.0\zynIxoDNvv.exe'
- %ALLUSERSPROFILE%\Application Data\oQBRVXPoRv\gcQkbSgqZY\3.11.29.5875\zynIxoDNvv.exe
- %APPDATA%\cEaZBizlpQqCvOLhDcUQ\cEaZBizlpQqCvOLhDcUQ\0.0.0.0\zynIxoDNvv.exe
- %APPDATA%\cEaZBizlpQqCvOLhDcUQ\cEaZBizlpQqCvOLhDcUQ\0.0.0.0\kernel32.dll
- %ALLUSERSPROFILE%\Application Data\oQBRVXPoRv\gcQkbSgqZY\3.11.29.5875\zynIxoDNvv.exe
- %ALLUSERSPROFILE%\Application Data\oQBRVXPoRv\gcQkbSgqZY\3.11.29.5875\kernel32.dll
- %APPDATA%\cEaZBizlpQqCvOLhDcUQ\cEaZBizlpQqCvOLhDcUQ\0.0.0.0\zynIxoDNvv.exe
- %APPDATA%\cEaZBizlpQqCvOLhDcUQ\cEaZBizlpQqCvOLhDcUQ\0.0.0.0\kernel32.dll
- %ALLUSERSPROFILE%\Application Data\oQBRVXPoRv\gcQkbSgqZY\3.11.29.5875\zynIxoDNvv.exe
- %ALLUSERSPROFILE%\Application Data\oQBRVXPoRv\gcQkbSgqZY\3.11.29.5875\kernel32.dll
- ClassName: 'Indicator' WindowName: ''