Техническая информация
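Запись автозапуска в реестре (имя параметра похоже на имя службы NVIDIA Display Container, но значение указывает на ярлык в %WINDIR%\Logs\SettingSync):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'NVDisplay.ContainerLocalSystem' = '%WINDIR%\Logs\SettingSync\ContainerLocalSystem.lnk'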
Пути к файлам:
- %APPDATA%\Atheros\Session\kek.exe
- %WINDIR%\Logs\SettingSync\vbs.exe
- %WINDIR%\Logs\SettingSync\windows.exe
- %WINDIR%\Logs\SettingSync\zlib1.dll
- %WINDIR%\Logs\SettingSync\libcurl.dll
- %WINDIR%\Logs\SettingSync\libeay32.dll
- %WINDIR%\Logs\SettingSync\libgcc_s_seh-1.dll
- %WINDIR%\Logs\SettingSync\libstdc++-6.dll
- %WINDIR%\Logs\SettingSync\libwinpthread-1.dll
- %WINDIR%\Logs\SettingSync\ssleay32.dll
- %WINDIR%\Logs\SettingSync\system.exe
- %WINDIR%\Logs\SettingSync\system.vbs
- %WINDIR%\Logs\SettingSync\system32.exe
- %WINDIR%\Logs\SettingSync\registry.exe
- %WINDIR%\Logs\SettingSync\ContainerLocalSystem.lnk
Окна (класс и заголовок):
- ClassName: 'EDIT' WindowName: ''
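- ClassName: '' WindowName: '????????? ?????' (символы заголовка, вероятно, утрачены при перекодировке; по длине строка совпадает с 'Диспетчер задач' — предположение)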
- ClassName: '' WindowName: 'Диспетчер задач'
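- ClassName: '' WindowName: '????????? ????? Windows' (символы заголовка, вероятно, утрачены при перекодировке; по длине строка совпадает с 'Диспетчер задач Windows' — предположение)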
- ClassName: '' WindowName: 'Диспетчер задач Windows'
- ClassName: '' WindowName: 'Task Manager'
Командные строки процессов:
- '%APPDATA%\Atheros\Session\kek.exe' -p123123
- '<SYSTEM32>\wscript.exe' "%WINDIR%\Logs\SettingSync\system.VBS"
- '%WINDIR%\Logs\SettingSync\vbs.exe'
- '%WINDIR%\Logs\SettingSync\registry.exe'
- '%WINDIR%\Logs\SettingSync\windows.exe'
- '%WINDIR%\Logs\SettingSync\system.exe'