Техническая информация
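Записи автозапуска (ключ Run текущего пользователя); имя первого параметра имитирует название продукта Microsoft, но указывает на исполняемый файл в каталоге Templates:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft® Windows® Operating System' = '%HOMEPATH%\Templates\diager.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ecpqjvxsfydypgsowjy' = '%APPDATA%\ecpqjvxsfydypgsowjy.exe'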
- %TEMP%\vfnws.exe
- %TEMP%\cwncqebrd.exe
- %TEMP%\bmlxxvnhl.exe
- %HOMEPATH%\Templates\diager.exe
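- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe (штатный компонент .NET Framework; его роль в этом списке на странице не указана, и сам по себе этот путь не является индикатором заражения)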
- %TEMP%\bmlxxvnhl.exe
- %TEMP%\cwncqebrd.exe
- %APPDATA%\ecpqjvxsfydypgsowjy.exe
- %TEMP%\vfnws.exe
- %HOMEPATH%\Templates\diager.exe
- %HOMEPATH%\Templates\diager.exe
- %TEMP%\vfnws.exe
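- 'po##.50btc.com':8332 (8332 — порт JSON-RPC Bitcoin по умолчанию, поэтому это, вероятно, обращение к майнинг-пулу; символы «##» в имени узла, по-видимому, замаскированы в источнике)
- DNS ASK po##.50btc.com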
- ClassName: 'Indicator' WindowName: ''