Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ias] 'Start' = '00000002'
- C:\RECYCLER\recyl.exe138984tem.exe
- C:\RECYCLER\recyl.exe /cc:\recycler\recyl.exe138984tem.exe
- C:\RECYCLER\recyl.exe /c copy /b c:\recycler\recyl.exe138984tem.exe3.txt+c:\recycler\recyl.exe138984cnna.txt c:\recycler\recyl.exe138984tem.exe
- %WINDIR%\regedit.exe /s c:\recycler\recyl.exe144062cyl.txt
- <SYSTEM32>\cmd.exe /c c:\recycler\recyl.exe144109.bat
- <SYSTEM32>\Iasid.dll.move.tlb
- C:\RECYCLER\recyl.exe144062cyl.txt
- <SYSTEM32>\Iasid.dll.right.tlb
- <SYSTEM32>\Iasid.dll
- C:\RECYCLER\recyl.exe144109.bat
- C:\RECYCLER\recyl.exe141437cnna.txt
- C:\RECYCLER\recyl.exe138984cnna.txt
- C:\RECYCLER\recyl.exe
- C:\RECYCLER\recyl.exe138984tem.exe3.txt
- C:\RECYCLER\recyl.exetem.tem
- C:\RECYCLER\recyl.exe138984tem.exe
- C:\RECYCLER\recyl.exe138984cnna.txt
- C:\RECYCLER\recyl.exe141437cnna.txt в <SYSTEM32>\Iasid.dll
- 'hx####6.3322.org':2010
- DNS ASK hx####6.3322.org
- ClassName: 'RegEdit_RegEdit' WindowName: ''