Техническая информация
- <SYSTEM32>\tasks\nvngxupdatecheckdaily_{6eefbfb0-bfb0-bfb0-bfb0-6eefbfb0bfb0}
- %TEMP%\d47f.tmp
- %APPDATA%\rbvwvdv
- %APPDATA%\twdfgcu
- %APPDATA%\buhutvf
- %TEMP%\5d1c.tmp.exe
- %TEMP%\5ecb.tmp.exe
- %TEMP%\66bd.tmp.exe
- %TEMP%\6cec.tmp.dll
- %TEMP%\72b7.tmp.exe
- %PROGRAMDATA%\lmort\wvvwxbd.exe
- %APPDATA%\rbvwvdv
- %APPDATA%\twdfgcu
- %APPDATA%\buhutvf
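- http://www.ms###csi.com/ncsi.txt (по-видимому, штатная проверка сетевого подключения Windows NCSI — легитимный ресурс Microsoft, а не инфраструктура злоумышленника; как индикатор для блокировки не подходит)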
- http://ad####ail2551.club/sick/sickm.exe
- http://ad####ail2551.club/socks777.exe
- http://ad####ail2551.club/dan777.exe
- http://ad####ail2551.club/dan777.dll
- http://ad####ail2551.club/pred111zx77.exe
- http://ad####ail2551.club/stx777.exe
- http://ad####serv99.club/logstat95/
- DNS ASK ad####serv99.club
- DNS ASK ad####ail2551.club
- ClassName: '' WindowName: '1020807/2512'
- '%TEMP%\5ecb.tmp.exe'
- '%TEMP%\5d1c.tmp.exe'
- '%TEMP%\66bd.tmp.exe'
- '%TEMP%\72b7.tmp.exe'
- '<SYSTEM32>\regsvr32.exe' /s %TEMP%\6CEC.tmp.dll