Техническая информация
Закрепление в системе (автозапуск через ключи реестра Run и папку автозагрузки):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '386dfdffc3f8b849f27056134c96bfc1' = '"%TEMP%\scvheostw55.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '386dfdffc3f8b849f27056134c96bfc1' = '"%TEMP%\scvheostw55.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\386dfdffc3f8b849f27056134c96bfc1.exe
Добавление исключения в брандмауэр Windows (запись в реестре и команда netsh):
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\scvheostw55.exe' = '%TEMP%\scvheostw55.exe:*:Enabled:scvheostw5...
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\scvheostw55.exe" "scvheostw55.exe" ENABLE
- %TEMP%\scvheostw55.exe
Сетевая активность (имя узла приведено с маской «#####»):
- 'up#####ffer.myq-see.com':1594
- DNS ASK up#####ffer.myq-see.com
- '%TEMP%\scvheostw55.exe'