Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\51lmltwb29p9kcvblnzquylpdp1a4lbjxcrc.lnk
- %LOCALAPPDATA%\wiatrace.log
- %LOCALAPPDATA%\ewwxfln08obsehdtxvlkiifle32flutxhr\zzmm1gmndvlk9qx7st1xdzejdva.wsf
- %APPDATA%\mwkvtfeorgbtsa.zip
- %APPDATA%\giblcz~1\kepzjkgpuyzbdr.db
- %APPDATA%\giblcz~1\scrdoxtfjuzzndx.db
- %APPDATA%\giblcz~1\kepzjkgpuyzbdr.exe
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020041420200415\index.dat
- %APPDATA%\mwkvtfeorgbtsa.zip
- %LOCALAPPDATA%\ewwxfln08obsehdtxvlkiifle32flutxhr\zzmm1gmndvlk9qx7st1xdzejdva.wsf
- http://63.##0.42.87/Xevjrrvqd/Zjioxwkyxyswasxpq/Xngmrsppvzebngdib/Wgvkhcvmkdnbu/Mwkvtfeorgbtsa.db
- http://63.##0.42.64/up_list_ld.php?1=############################################################################################
- http://63.##0.42.64/favicon.ico
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '<SYSTEM32>\wscript.exe' "%LOCALAPPDATA%\ewwXfLn08obSEhDTxVlKIiFLe32FLUtxhR\zzmm1GMNDVlk9qX7ST1XdZEJdva.wsf"
- '%ProgramFiles%\internet explorer\iexplore.exe' -Embedding