Техническая информация
- <LS_APPDATA>\{PKOVJJMR-0FPG-S823-611J-61DEIWFLVD08}\8v7bls64.exe
- <LS_APPDATA>\{PKOVJJMR-0FPG-S823-611J-61DEIWFLVD08}\tu2a7xd5vy5ek.exe
- <LS_APPDATA>\Temp\lbtns.exe
- <LS_APPDATA>\{PKOVJJMR-0FPG-S823-611J-61DEIWFLVD08}\8v7bls64.exe (загружен из сети Интернет)
- <LS_APPDATA>\{PKOVJJMR-0FPG-S823-611J-61DEIWFLVD08}\tu2a7xd5vy5ek.exe (загружен из сети Интернет)
- <SYSTEM32>\ipconfig.exe /renew
- <SYSTEM32>\ipconfig.exe /flushdns
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\SInac[1].mid
- <LS_APPDATA>\{PKOVJJMR-0FPG-S823-611J-61DEIWFLVD08}\8v7bls64.exe
- <LS_APPDATA>\{PKOVJJMR-0FPG-S823-611J-61DEIWFLVD08}\tu2a7xd5vy5ek.exe
- <LS_APPDATA>\Temp\lbtns.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\CwhY[1]
- 'up####s.boxify.me':80
- 'bl##k.to':80
- 'www.go###e.com.br':80
- up####s.boxify.me/86132/SInac.mid
- bl##k.to/CwhY
- DNS ASK up####s.boxify.me
- DNS ASK bl##k.to
- DNS ASK www.go###e.com.br
- ClassName: 'Shell_TrayWnd' WindowName: ''