Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Taskman' = '%HOMEPATH%\aegvvp.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\aegvvp.exe
- %HOMEPATH%\aegvvp.exe
- DNS ASK mu###.###tal-protection.net.ru
- DNS ASK sl###.##fehousenumber.com
- 'mu###.###tal-protection.net.ru':19700
- '<IP-адрес в локальной сети>':1035
- 'sl###.##fehousenumber.com':19700
- ClassName: 'Sufukanlw Gsmatwb' WindowName: 'Cacwepqfy Pgahr'
- ClassName: 'Areksvyll. Gxksxit' WindowName: 'Qsxycvl, Octb Vls'
- ClassName: 'Yaaya Aqdgj Jtupw' WindowName: 'Bxxutb Wjvcyn J'
- ClassName: 'Bvwhnoy Xehewnvyl' WindowName: 'Qfpjfwokl Nf. Fygls'
- ClassName: 'Fkojblkwb Jdfy. J' WindowName: 'Fqnbx Wqo Pudm. R'
- ClassName: 'Lgjboxuh Sym. Pvbgq' WindowName: 'Btopqmb Obu, Fai'
- ClassName: 'Cahm Ubofcehs Yg' WindowName: 'Jcyln, Lopgagufe'
- ClassName: 'Sgrfpgik Kcsnfnm' WindowName: 'Evdyhosuobkc Kdfs R'
- ClassName: 'Itybk Sitcy May' WindowName: 'Bmekmstc. Ongek. K'