Техническая информация
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'ЦРїШМЁєуМЁЅшіМ.exe' = 'C:\YZ\ЦРїШМЁєуМЁЅшіМ.exe'
- C:\YZ\dm.dll
- C:\YZ\DmReg.dll
- C:\YZ\Hiew.dll
- C:\YZ\yz.txt
- C:\YZ\lspРЮёґ.bat
- C:\YZ\ґтІ»їЄµДЛ«»чОТЦШЖф.bat
- C:\YZ\ЦРїШМЁєуМЁЅшіМ.exe
- C:\YZ\ЕдЦГ.ini
- '12#.#52.224.49':8889
- ClassName: '' WindowName: ''
- 'C:\YZ\ЦРїШМЁєуМЁЅшіМ.exe'
- '<SYSTEM32>\cmd.exe' /c C:\YZ\ґтІ»їЄµДЛ«»чОТЦШЖф.bat