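Техническая информация
Записи ниже идут без подзаголовков: сначала пути к файлам (включая копии в кэше Internet Explorer), затем сетевые обращения (хост и порт, HTTP-адреса, DNS-запрос), в конце — путь к файлу в <SYSTEM32>. Доменное имя частично скрыто символами #, поэтому для точного сопоставления оно непригодно.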
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\360Restore[1].png
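- %TEMP%\360Restore.exe (имя совпадает с 360Restore[1].png из кэша; судя по этому, файл, полученный с расширением .png, сохраняется как исполняемый — тип стоит проверять по содержимому, а не по расширению)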
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\U98D4X8H\svchost[1].png
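- %TEMP%\svchost.exe (имя системного процесса, но нештатное расположение: штатный svchost.exe находится в <SYSTEM32>; то же касается lsass.exe и RuntimeBroker.exe ниже)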
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\2VAZY7AN\lsass[1].png
- %TEMP%\lsass.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\YPORKZYZ\QQBrowser[1].png
- %TEMP%\QQBrowser.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\RuntimeBroker[1].png
- %WINDIR%\RuntimeBroker.exe
- %TEMP%\svchost.exe
- %TEMP%\lsass.exe
- 'xi####ruanjian.xyz':80
- http://xi####ruanjian.xyz/XiaoBa/360Restore.png
- http://xi####ruanjian.xyz/XiaoBa/svchost.png
- http://xi####ruanjian.xyz/XiaoBa/lsass.png
- http://xi####ruanjian.xyz/XiaoBa/QQBrowser.png
- http://xi####ruanjian.xyz/XiaoBa/RuntimeBroker.png
- DNS ASK xi####ruanjian.xyz
- '<SYSTEM32>\svchost.exe'