Техническая информация
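- [<HKLM>\SYSTEM\ControlSet001\Services\UW2SMPZX] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы, то есть механизм закрепления; при проверке стоит смотреть и ту же ветку в CurrentControlSet)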
- C:\H3UDA.EXE <Полный путь к вирусу>
- <SYSTEM32>\regsvr32.exe /s "%WINDIR%\JWTXKJNGQWC.dll" (ключ /s — регистрация DLL без вывода диалоговых окон, пользователь уведомлений не видит)
- %WINDIR%\JWTXKJNGQWC.dll
- %PROGRAM_FILES%\CK4E5UAZUV\FT4RVEM.EXE
- %PROGRAM_FILES%\CK4E5UAZUV\QB1C8S.EXE
- C:\H3UDA.EXE
- %PROGRAM_FILES%\Q4LAXH3\RP8FDSU.EXE
- %WINDIR%\JWTXKJNGQWC.txt
- %PROGRAM_FILES%\CK4E5UAZUV\FT4RVEM.EXE
- %PROGRAM_FILES%\CK4E5UAZUV\QB1C8S.EXE
- <Полный путь к вирусу>
- %PROGRAM_FILES%\Q4LAXH3\RP8FDSU.EXE
- '58.#9.58.27':443 (по-видимому, одна цифра адреса скрыта в источнике символом «#»; порт 443)
- ClassName: 'JWTXKJNGQWC' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: '' (стандартный класс окна панели задач Windows)
- ClassName: 'JWTXKJNGQWC' WindowName: 'rrhiminlzbhpz'