Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '65c4b4b5' = '%PROGRAMDATA%\Intel\Wireless\2f22504\4520390.exe %PROGRAMDATA%\Intel\Wireless\2f22504\223d1f2.au3'
- 'C:\eoojjiur\bwkcfldh.exe' qucmluxd.au3
- %WINDIR%\syswow64\notepad.exe
- C:\eoojjiur\bwkcfldh.exe
- C:\eoojjiur\pe.bin
- C:\eoojjiur\qucmluxd.au3
- %TEMP%\torrent.txt
- %PROGRAMDATA%\intel\wireless\2f22504\223d1f2.au3
- %PROGRAMDATA%\intel\wireless\2f22504\4520390.exe
- %PROGRAMDATA%\intel\wireless\2f22504\pe.bin
- %TEMP%\torrent.txt
- C:\eoojjiur\qucmluxd.au3
- C:\eoojjiur\bwkcfldh.exe
- C:\eoojjiur\pe.bin
- DNS ASK me####orrentt.org
- DNS ASK bc.####usercontent.nl
- 'C:\eoojjiur\bwkcfldh.exe' qucmluxd.au3' (со скрытым окном)
- '%WINDIR%\syswow64\notepad.exe' ' (со скрытым окном)
- '%WINDIR%\syswow64\notepad.exe'