Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\izatk2xmnkascaqtiwj.lnk
- %LOCALAPPDATA%\wiatrace.log
- %LOCALAPPDATA%\ovotyfixjfqsghaeuxl\88st2vlzb8hlfue3lhj5agwqa2hi3lvfo99i.wsf
- %APPDATA%\veryworkverygoldx.zip
- %APPDATA%\jwvfpz~1\szexgriqhsvtwaxicp.db
- %APPDATA%\jwvfpz~1\zjwwdjfeyeukkkitmxw.db
- %APPDATA%\jwvfpz~1\zjwwdjfeyeukkkitmxw.exe
- %APPDATA%\veryworkverygoldx.zip
- %LOCALAPPDATA%\ovotyfixjfqsghaeuxl\88st2vlzb8hlfue3lhj5agwqa2hi3lvfo99i.wsf
- http://16#.#13.255.234/Kwrtkvnkosnwv/Kywbuiretnp/Rosmjpwlejmnkhp/Ptblizpkoowb/veryworkverygoldx.db
- http://19#.#4.115.232/up_list_ld.php?1=##########################################################################################
- ClassName: 'Static' WindowName: ''
- '<SYSTEM32>\wscript.exe' "%LOCALAPPDATA%\OVotYFIxJFQSghAeuxl\88st2VLzb8hLfuE3LhJ5agWqA2HI3LvFO99i.wsf"
- '%ProgramFiles%\internet explorer\iexplore.exe' -Embedding