Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\] 'WindowsSecurity' = '%TEMP%\WindowsSecurityHealthService.exe'
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\{6F28C33P-HL24-15E8-U8H7-LLN48XIQA358}] 'StubPath' = '"%TEMP%\WindowsSecurityHealthService.exe"'
- %TEMP%\auta3f7.tmp
- %APPDATA%\lhojdkgidojudhkbcdawcfehr4206918.png
- %TEMP%\windowssecurityhealthservice.exe
- %TEMP%\auta743.tmp
- %TEMP%\auta3f7.tmp
- %TEMP%\auta743.tmp
- 'localhost':3360
- '%TEMP%\windowssecurityhealthservice.exe'