Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'securesafe' = '%APPDATA%\safesecure\axZc4GKpTLPz.exe'
- <SYSTEM32>\svchost.exe
- C:\9868bb8e6f87017145757998d81311f470b6044b
- %APPDATA%\safesecure\axZc4GKpTLPz.exe
- C:\9868bb8e6f87017145757998d81311f470b6044b
- %APPDATA%\safesecure\axZc4GKpTLPz.exe
- 'tm###.no-ip.org':6318
- DNS ASK tm###.no-ip.org
- ClassName: 'Shell_TrayWnd' WindowName: ''