Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\8ZpXc0uKUwT] 'ImagePath' = '<SYSTEM32>\14c32e\CDClient_EX.sys'
- iexplore.exe
- %WINDIR%\hhryxbe.dll
- %ALLUSERSPROFILE%\application data\fuhaki\<Имя файла>.exe
- %WINDIR%\shgmrpf.dll
- %WINDIR%\clog.txt
- %WINDIR%\bwsfpbek\klgwnm.dll
- %WINDIR%\bwsfpbek\lpcyxto.tmp
- %WINDIR%\bwsfpbek\vneybbeq.dll
- <SYSTEM32>\14c32e\cdclient_ex.sys
- %WINDIR%\hhryxbe.dll
- %WINDIR%\shgmrpf.dll
- %WINDIR%\clog.txt
- %WINDIR%\bwsfpbek\lpcyxto.tmp
- %WINDIR%\bwsfpbek\vneybbeq.dll
- <SYSTEM32>\14c32e\cdclient_ex.sys
- %WINDIR%\bwsfpbek\klgwnm.dll
- %WINDIR%\bwsfpbek\vneybbeq.dll
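- http://www.58##y.com/index/getcfg?id######
- http://www.go##0.com/d2/CDClient.dll
- http://dl#.#xwan.com/d2/x86a.dll
- DNS ASK 58##y.com
- DNS ASK go##0.com
- DNS ASK dl#.#xwan.com
  (Примечание: символы # в адресах замещают скрытые символы, поэтому эти строки нельзя напрямую использовать как записи чёрного списка. Для поиска по журналам прокси и DNS пригодны немаскированные фрагменты — пути /index/getcfg, /d2/CDClient.dll и /d2/x86a.dll; восстановленные имена доменов следует подтверждать по другому источнику.)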
- '255.255.255.255':6880 (ограниченный широковещательный адрес локальной сети; транспортный протокол в описании не указан)
- ClassName: 'STATIC' WindowName: 'DF68B206AFD07506AFB1EA'
- ClassName: 'STATIC' WindowName: '9F492808FE925018FD35A0'
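- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- ClassName: 'SysListView32' WindowName: 'FolderView'
  (Примечание: три окна выше — стандартные окна рабочего стола Windows, принадлежащие оболочке Explorer; они есть в любой системе и сами по себе не являются индикаторами компрометации.)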
- ClassName: 'TApplication' WindowName: 'eyoorun'
- '%ALLUSERSPROFILE%\application data\fuhaki\<Имя файла>.exe'