Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Windows Kernel Service] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- <SYSTEM32>\wkservice.exe
- <SYSTEM32>\ping.exe 0.0.0.0
- <SYSTEM32>\ipconfig.exe /flushdns
- <SYSTEM32>\cmd.exe /c ""%TEMP%\temp4785.bat" "
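- ClassName: 'TDeDeMainForm' WindowName: '' (класс главного окна DeDe, декомпилятора Delphi)
- ClassName: 'TIdaWindow' WindowName: '' (класс окна дизассемблера IDA)
- ClassName: 'APIMonitor By Rohitab' WindowName: '' (API Monitor от Rohitab)
- ClassName: 'RegmonClass' WindowName: '' (Sysinternals Regmon, монитор реестра)
- ClassName: 'FilemonClass' WindowName: '' (Sysinternals Filemon, монитор файловых операций)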
- %TEMP%\temp4785.bat
- <SYSTEM32>\wkservice.exe
- <SYSTEM32>\wkservice.exe
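- 'ii############iijijjiljij.1llliij1lijlil1lliil.info':51758 (символы «#», по-видимому, заменяют скрытую часть имени домена; в таком виде строка не является точным индикатором)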
- DNS ASK ii############iijijjiljij.1llliij1lijlil1lliil.info
- '<IP-адрес в локальной сети>':1035
- ClassName: 'SuckMe&Class' WindowName: ''