Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'mjitighaw' = '"%APPDATA%\Microsoft\Lzapnmnmz\lzapnmnm.exe"'
- <SYSTEM32>\cscript.exe
- %APPDATA%\Microsoft\Lzapnmnmz\lzapnmn.dat
- %HOMEPATH%\loaqbqipuujfbxcudslmcuas.vbs
- %HOMEPATH%\vkdawnrubnmkvcdtjyhye.vbs
- %HOMEPATH%\loaqbqipuujfbxcudslmcuas.vbs
- %HOMEPATH%\vkdawnrubnmkvcdtjyhye.vbs
- '<SYSTEM32>\cscript.exe' "%HOMEPATH%\loaqbqipuujfbxcudslmcuas.vbs"
- '<SYSTEM32>\cscript.exe' "%HOMEPATH%\vkdawnrubnmkvcdtjyhye.vbs"
- '%APPDATA%\Microsoft\Lzapnmnmz\lzapnmnm.exe'
- '<SYSTEM32>\mobsync.exe'