Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\googleupdate] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\googleupdate] 'ImagePath' = '%WINDIR%\UluUppxqSDJrqti.exe'
- <SYSTEM32>\svchost.exe
- %WINDIR%\uluuppxqsdjrqti.exe
- <SYSTEM32>\config\systemprofile\appdata\local\2ete64.vas
- DNS ASK google.com
- DNS ASK s2.##raba.net
- DNS ASK st##.#honepower.com
- DNS ASK stun1.l.google.com
- ClassName: 'MS_WINHELP' WindowName: ''
- '%WINDIR%\uluuppxqsdjrqti.exe'