Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Configuration Log Transaction] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Configuration Log Transaction] 'ImagePath' = 'C:\obnwspig\jaxevwljkdg.exe'
- %WINDIR%\obnwspig\wsaodnzao9k
- C:\obnwspig\wsaodnzao9k
- C:\obnwspig\btsigcm7kqlyftsvvii90.exe
- C:\obnwspig\jaxevwljkdg.exe
- C:\obnwspig\mxiypiq0ju.exe
- C:\obnwspig\s1sp8dezmy
- C:\obnwspig\jaxevwljkdg.exe
- C:\obnwspig\mxiypiq0ju.exe
- %WINDIR%\obnwspig\wsaodnzao9k
- C:\obnwspig\btsigcm7kqlyftsvvii90.exe
- %WINDIR%\obnwspig\wsaodnzao9k
- DNS ASK ch#####leatterberry.net
- DNS ASK ge#####naunderwood.net
- DNS ASK ch#####leunderwood.net
- DNS ASK an#####lepatrickson.net
- DNS ASK gu#####enpatrickson.net
- DNS ASK an#####lerichardson.net
- DNS ASK gu#####enrichardson.net
- DNS ASK an#####leatterberry.net
- 'C:\obnwspig\btsigcm7kqlyftsvvii90.exe'
- 'C:\obnwspig\jaxevwljkdg.exe'
- 'C:\obnwspig\mxiypiq0ju.exe' "c:\obnwspig\jaxevwljkdg.exe"