Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WindowsDefender' = 'C:\Users\Public\Libraries\WindowsDefender.vbs'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'wsappx' = 'C:\Users\Public\Libraries\wsappx.exe'
- C:\Users\Public\Libraries\zlib.dll
- C:\Users\Public\Libraries\libeay32.dll
- C:\Users\Public\Libraries\wsappx.z01
- C:\Users\Public\Libraries\wsappx.zip
- C:\Users\Public\Libraries\vc_redist.x64.exe
- C:\Users\Public\Libraries\WindowsDefender.vbs
- C:\Users\Public\Libraries\ssleay32.dll
- C:\Users\Public\Libraries\svhost.dll
- %ProgramFiles%\Corel Draw Graphics Suite\is-TQJMI.tmp
- C:\Users\Public\Libraries\is-B18HF.tmp
- %TEMP%\is-UVMCK.tmp\<Имя файла>.tmp
- %TEMP%\is-IIRHK.tmp\InnoCallback.dll
- %APPDATA%\WinRAR\version.dat
- C:\Users\Public\Libraries\wsappx.exe
- %TEMP%\is-IIRHK.tmp\is-OC538.tmp
- %ProgramFiles%\Corel Draw Graphics Suite\unins000.dat
- из %TEMP%\is-IIRHK.tmp\is-OC538.tmp в %TEMP%\is-IIRHK.tmp\unzip.exe
- из C:\Users\Public\Libraries\is-B18HF.tmp в C:\Users\Public\Libraries\assets.zip
- из %ProgramFiles%\Corel Draw Graphics Suite\is-TQJMI.tmp в %ProgramFiles%\Corel Draw Graphics Suite\unins000.exe
- ClassName: 'WinRarWindow' WindowName: ''
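- '%TEMP%\is-IIRHK.tmp\unzip.exe' x -ibck -o- C:\Users\Public\Libraries\wsappx.zip *.* C:\Users\Public\Libraries
- '%TEMP%\is-IIRHK.tmp\unzip.exe' x -ibck -o- C:\Users\Public\Libraries\assets.zip *.* C:\Users\Public\Libraries
  (Примечание: ключи -ibck и -o- относятся к WinRAR, а в списке также указаны окно класса WinRarWindow и файл %APPDATA%\WinRAR\version.dat, поэтому unzip.exe здесь, по-видимому, является переименованным WinRAR; при поиске следов надёжнее опираться на командную строку и пути, чем на имя файла.)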
- '%TEMP%\is-UVMCK.tmp\<Имя файла>.tmp' /SL5="$30092,15841566,57856,<Полный путь к файлу>"