Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Intel(R) Common Networking System' = '%APPDATA%\Intel Corporation\Intel(R) Common User Interface\9.2.1.0\svchost.exe'
- <Текущая директория>\~sqli_dumper_9_2_1_cracked_by_cnquad_nextgenz__bleach.exe
- %APPDATA%\intel corporation\intel(r) common user interface\9.2.1.0\server.zip
- %APPDATA%\intel corporation\intel(r) common user interface\9.2.1.0\svchost.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %APPDATA%\microsoft\windows\8.1.7601.17587\svchost.exe
- <Текущая директория>\~sqli_dumper_9_2_1_cracked_by_cnquad_nextgenz__bleach.exe
- %APPDATA%\intel corporation\intel(r) common user interface\9.2.1.0\svchost.exe
- %APPDATA%\microsoft\windows\8.1.7601.17587\svchost.exe
- %APPDATA%\intel corporation\intel(r) common user interface\9.2.1.0\server.zip
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- DNS ASK ch####andomain.club
- '<Текущая директория>\~sqli_dumper_9_2_1_cracked_by_cnquad_nextgenz__bleach.exe'
- '%APPDATA%\intel corporation\intel(r) common user interface\9.2.1.0\svchost.exe'
- '%APPDATA%\microsoft\windows\8.1.7601.17587\svchost.exe'
- '%APPDATA%\microsoft\windows\8.1.7601.17587\svchost.exe' ' (со скрытым окном)