Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Software SPP Base Profile Fax Store] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Software SPP Base Profile Fax Store] 'ImagePath' = 'C:\xknqnmstye\mtptffuq.exe'
- %WINDIR%\xknqnmstye\kyvk9bhjh
- C:\xknqnmstye\kyvk9bhjh
- C:\xknqnmstye\bnezmcmkpjlcad3lg.exe
- C:\xknqnmstye\mtptffuq.exe
- C:\xknqnmstye\mnaxgvppktr.exe
- C:\xknqnmstye\mtptffuq.exe
- C:\xknqnmstye\mnaxgvppktr.exe
- %WINDIR%\xknqnmstye\kyvk9bhjh
- C:\xknqnmstye\bnezmcmkpjlcad3lg.exe
- %WINDIR%\xknqnmstye\kyvk9bhjh
- DNS ASK la####roblem.net
- DNS ASK se####modern.net
- DNS ASK la###modern.net
- DNS ASK si####escape.net
- DNS ASK mo####escape.net
- DNS ASK si####animal.net
- DNS ASK mo####animal.net
- DNS ASK si####problem.net
- 'C:\xknqnmstye\bnezmcmkpjlcad3lg.exe'
- 'C:\xknqnmstye\mtptffuq.exe'
- 'C:\xknqnmstye\mnaxgvppktr.exe' "c:\xknqnmstye\mtptffuq.exe"