Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\hC8k_xpcwN] 'ImagePath' = '<DRIVERS>\hC8k_xpcwN.sys'
- ClassName: 'OllyDbg', WindowName: ''
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- <DRIVERS>\hc8k_xpcwn.sys
- %APPDATA%\mozilla\firefox\profiles\gn7ryp3k.default\cert9.db
- %APPDATA%\mozilla\firefox\profiles\gn7ryp3k.default\key4.db
- %TEMP%\iiyfmeyo.bat
- nul
- <DRIVERS>\hc8k_xpcwn.sys
- http://cn.bing.com/
- DNS ASK cn.bing.com
- '17#.#47.228.139':21785
- '255.255.255.255':29352
- ClassName: 'WinObjWClass' WindowName: ''
- ClassName: 'fuck-1' WindowName: ''
- ClassName: 'WinDbgFrameClass' WindowName: ''
- ClassName: 'dbgviewClass' WindowName: ''
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\\IiYFMeYo.bat""' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\\IiYFMeYo.bat""
- '%WINDIR%\syswow64\ping.exe' -n 2 127.1