Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\ywsqma] 'ImagePath' = '%TEMP%\ywsqma'
- <SYSTEM32>\svchost.exe
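- Классы и заголовки окон средств отладки и мониторинга (OllyDbg, Sysinternals File Monitor, Process Monitor, Registry Monitor); по-видимому, используются для обнаружения средств анализа:
- ClassName: 'OLLYDBG', WindowName: ''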
- ClassName: 'GBDYLLO', WindowName: ''
- ClassName: 'pediy06', WindowName: ''
- ClassName: 'FilemonClass', WindowName: ''
- ClassName: '', WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- ClassName: '', WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass', WindowName: ''
- ClassName: '', WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- %WINDIR%\drivethelife7.dll
- %TEMP%\ywsqma
- %WINDIR%\drivethelife7.dll
- %TEMP%\ywsqma
- из <Полный путь к файлу> в <Текущая директория>1274222\...\41467970197724464567985844961439952019äê7ôâ27èõ22ê±53·ö37ãë7821482543627
- '11#.#30.69.194':8002
- ClassName: '18467-41' WindowName: ''
- '<SYSTEM32>\svchost.exe'