Техническая информация
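- Запись автозапуска в разделе Run текущего пользователя: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MSConfig' = '"%HOMEPATH%\jwtdkdrw.exe"' (имя параметра совпадает с названием системной утилиты MSConfig, а исполняемый файл находится в профиле пользователя)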
- <SYSTEM32>\svchost.exe
- %TEMP%\4812.bat
- %HOMEPATH%\jwtdkdrw.exe
- %HOMEPATH%\jwtdkdrw.exe
- <Полный путь к файлу>
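- Сетевой адрес и порт: '91.##8.38.245':443 (часть цифр адреса в источнике заменена символами ##, поэтому индикатор неполный)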
- ClassName: ',]%8r{ TKQSJZeU' WindowName: 'b%{X'
- ClassName: ',]%8r{ TKQSJZeU\FhsO.@:wNWc*' WindowName: 'b%{X)CGLw#!56n4H:h(Ta^>1'
- ClassName: 'nDhlcQ#-0o,g5S6[?IEbwy' WindowName: '21>u*g$cOPRJrAhsi06,X}.!:apQ'
- ClassName: '$.)FRJmlA-+dXO0[>9{?r*Pn:4(C' WindowName: '[gj)OznN*Vfk{Z?os@$W}(d7B'
- ClassName: 'nDhlcQ#-0o,g5S6[?IEbwy' WindowName: '21>u'
- '%HOMEPATH%\jwtdkdrw.exe'
- '<SYSTEM32>\ping.exe' 127.0.0.1
- '<SYSTEM32>\svchost.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\4812.bat" " (путь совпадает с файлом %TEMP%\4812.bat из списка выше)