Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\dn62uyo4xbb8q0.lnk
- %LOCALAPPDATA%\wiatrace.log
- %LOCALAPPDATA%\n9xlensjfgdqmbk86hsw8ypcfersdhrwd\llkfopdz1rss.wsf
- %APPDATA%\veryworkverygoldx.zip
- %APPDATA%\kywy2a~1\szexgriqhsvtwaxicp.db
- %APPDATA%\kywy2a~1\zjwwdjfeyeukkkitmxw.db
- %APPDATA%\kywy2a~1\zjwwdjfeyeukkkitmxw.exe
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020042020200421\index.dat
- %APPDATA%\veryworkverygoldx.zip
- %LOCALAPPDATA%\n9xlensjfgdqmbk86hsw8ypcfersdhrwd\llkfopdz1rss.wsf
- http://16#.#13.255.234/Kwrtkvnkosnwv/Kywbuiretnp/Rosmjpwlejmnkhp/Ptblizpkoowb/veryworkverygoldx.db
- http://19#.#4.115.232/up_list_ld.php?1=#########################################################################################
- http://19#.#4.115.232/favicon.ico
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '<SYSTEM32>\wscript.exe' "%LOCALAPPDATA%\N9xlenSjFgDqMBk86hSw8YpcFERSdhRWD\llkFoPdz1rSS.wsf"
- '%ProgramFiles%\internet explorer\iexplore.exe' -Embedding