Техническая информация
- %WINDIR%\explorer.exe
- <SYSTEM32>\rundll32.exe %TEMP%\ygRvYQzp.dll, CdapiInit QuickAuthenticationNotifier
- <SYSTEM32>\rundll32.exe %TEMP%\QbW4F732.dll,DllUnregisterServer install
- %TEMP%\rYCXKPWg
- %TEMP%\ygRvYQzp.dll
- %TEMP%\nst2.tmp\SelfDel.dll
- %TEMP%\QbW4F732.dll
- %TEMP%\nst2.tmp\GetVersion.dll
- %TEMP%\nst2.tmp\System.dll
- %TEMP%\nst2.tmp\inetc.dll
- %TEMP%\nst2.tmp\SelfDel.dll
- %TEMP%\nst2.tmp\System.dll
- %TEMP%\nst2.tmp\GetVersion.dll
- %TEMP%\nst2.tmp\inetc.dll
- 'sc####.erasfie.co.cc':80
- sc####.erasfie.co.cc/2KHcRBpPe88QwjEjcdQ+/lhl4IfLvI0yzYSL8ztC0xFaLzmco5itp14L
- sc####.erasfie.co.cc/qNzWxnrKZkT2g2wH92xjzK9u7IjRLkKnNA3ZPkSoRXCeTLWtCmjNpzEXHCBJwK4AGp5e8/BN61mt2pey8fNtgd44rs5KBPJvng0FXpV/Xsc=
- sc####.erasfie.co.cc/njKtNRGCgjfwV63Iv5ZFXCgh5mVj4cdv74dcrCT5/hURuJWvWNyp8+vYoQImrFNZNXXUF45VaZ25d7K5
- DNS ASK sc####.erasfie.co.cc
- '<IP-адрес в локальной сети>':1034
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''