Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Computer Studio Assistant] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Computer Studio Assistant] 'ImagePath' = 'C:\oeumbbd\ksxbus9ls48x.exe'
- %WINDIR%\oeumbbd\d6euulyyhkt
- C:\oeumbbd\d6euulyyhkt
- C:\oeumbbd\ynglfk3wm7upxhzferiz9.exe
- C:\oeumbbd\ksxbus9ls48x.exe
- C:\oeumbbd\grhudanfmndae.exe
- C:\oeumbbd\orowxgwnpzl
- C:\oeumbbd\ksxbus9ls48x.exe
- C:\oeumbbd\grhudanfmndae.exe
- %WINDIR%\oeumbbd\d6euulyyhkt
- C:\oeumbbd\ynglfk3wm7upxhzferiz9.exe
- %WINDIR%\oeumbbd\d6euulyyhkt
- DNS ASK ga#####lemarianne.net
- DNS ASK an#####lacamellia.net
- DNS ASK ga#####lecamellia.net
- DNS ASK si#####erharmonie.net
- DNS ASK gr#####leharmonie.net
- DNS ASK si#####ershaniqua.net
- DNS ASK gr#####leshaniqua.net
- DNS ASK si#####eranjelica.net
- 'C:\oeumbbd\ynglfk3wm7upxhzferiz9.exe'
- 'C:\oeumbbd\ksxbus9ls48x.exe'
- 'C:\oeumbbd\grhudanfmndae.exe' "c:\oeumbbd\ksxbus9ls48x.exe"