Техническая информация
- Автозапуск при входе пользователя в систему (ключ реестра Run): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{A37559A8-76C0-2A00-B000-33C14687AB}' = '"%APPDATA%\{A37559A8-76C0-2A00-B000-33C14687AB}\jkpqvwchin.exe"'
- <SYSTEM32>\svchost.exe
- %APPDATA%\{a37559a8-76c0-2a00-b000-33c14687ab}\jkpqvwchin.exe (исполняемый файл, на который указывает значение автозапуска в ключе Run)
- %APPDATA%\{a37559a8-76c0-2a00-b000-33c14687ab}\9cdddabb.dat
- %APPDATA%\{a37559a8-76c0-2a00-b000-33c14687ab}\9d01a589.dat
- %APPDATA%\{a37559a8-76c0-2a00-b000-33c14687ab}\9d257057.dat
- %APPDATA%\{a37559a8-76c0-2a00-b000-33c14687ab}\dthtbnr0.dat
- %APPDATA%\{a37559a8-76c0-2a00-b000-33c14687ab}\79ekya5m.dat
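- DNS ASK google.com (DNS-запрос к общеизвестному легитимному домену; сам по себе не годится как индикатор компрометации)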
- '<SYSTEM32>\svchost.exe'