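Техническая информация

Записи реестра — параметры службы BIT (DLL службы загружается через svchost.exe; значение Start = 2 соответствует автоматическому запуску):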
- [<HKLM>\SYSTEM\ControlSet001\Services\BIT\Parameters] 'ServiceDll' = 'C:\ProgramData\BIT\BIT.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\BIT] 'ImagePath' = '<SYSTEM32>\svchost.exe -k BIT -s'
- [<HKLM>\SYSTEM\ControlSet001\Services\BIT] 'Start' = '00000002'
Командные строки процессов:
- '<SYSTEM32>\rundll32.exe' "%TEMP%\hp5.tmp\UAC.dll",work
- '<SYSTEM32>\svchost.exe' -k BIT -s
- '<SYSTEM32>\msiexec.exe' /i "%TEMP%\hp5.tmp\Snarer.msi" /q
- '<SYSTEM32>\msiexec.exe' -Embedding CE4D03F8D7FC0E339624F3A3DBA8B63C M Global\MSI0000
- '<SYSTEM32>\msiexec.exe' /V
- '<SYSTEM32>\rundll32.exe' "%TEMP%\hp5.tmp\XOBd.dll",ADD -def
- '<SYSTEM32>\rundll32.exe' D_Box.dll box
- '<SYSTEM32>\rundll32.exe' "%TEMP%\hp5.tmp\SSS.dll",MOBIKE
- '<SYSTEM32>\rundll32.exe' "%TEMP%\hp5.tmp\kitty1.dll",sdfwewer
- '<SYSTEM32>\rundll32.exe' "%TEMP%\hp5.tmp\XOBc.dll",ADD -cpk
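Пути к файлам (тип операции — создание, удаление и т. п. — на странице не указан; часть путей встречается дважды):
- C:\Config.Msi\3744a.rbs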
- %WINDIR%\Installer\MSI10.tmp
- %TEMP%\~DF91A3.tmp
- %TEMP%\~DFD50E.tmp
- %ProgramFiles%\SNARE\Snare.dll
- %ProgramFiles%\SNARE\Snare64.dll
- %TEMP%\thp4.tmp
- %TEMP%\a.dat
- %TEMP%\D_Box.dll
- %WINDIR%\Installer\37449.ipi
- %WINDIR%\Installer\37447.msi
- C:\ProgramData\BIT\BIT.dll
- %ProgramFiles%\SNARE\Snare64.dll
- %ProgramFiles%\SNARE\Snare.dll
- %WINDIR%\Installer\MSI10.tmp
- %WINDIR%\Installer\37449.ipi
- %WINDIR%\Installer\37447.msi
- C:\Config.Msi\3744a.rbs
- %TEMP%\hp5.tmp\bk.dat
- %TEMP%\hp5.tmp\ttttt.exe
- %TEMP%\hp5.tmp\hhhhh.exe
- %TEMP%\a.dat
- %TEMP%\hp5.tmp\DV.dat
- %TEMP%\hp5.tmp\DoDKP64.dat
- %TEMP%\hp5.tmp\DoDKP.dat
- ClassName: '' WindowName: ''