Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HrcXzWOv' = '%ALLUSERSPROFILE%\Lk9ShuQ6v\TmUrfCt53nJBWE.exe'
- %ALLUSERSPROFILE%\Lk9ShuQ6v\TmUrfCt53nJBWE.exe
- %TEMP%\A10vylHU4HiEr.exe
- %ALLUSERSPROFILE%\Lk9ShuQ6v\RCX1.tmp
- %ALLUSERSPROFILE%\Lk9ShuQ6v\TmUrfCt53nJBWE.exe
- %TEMP%\A10vylHU4HiEr.exe
- %ALLUSERSPROFILE%\Lk9ShuQ6v\TmUrfCt53nJBWE.exe
- DNS ASK wh##.##ogotardo.com.br
- ClassName: 'Indicator' WindowName: ''