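Техническая информация
По-видимому, подзаголовки разделов в этом списке не сохранились: ниже подряд перечислены пути к файлам, классы окон и сетевые адреса, а часть путей повторяется. Символы «#» в адресах и доменных именах скрывают часть значения, поэтому такие строки нельзя использовать как точные индикаторы. Файл msbuild.exe по указанному пути является штатным компонентом .NET Framework, и сам по себе этот путь не служит признаком заражения.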
- %APPDATA%\microsoft\windows\start menu\programs\startup\newdev.url
- %WINDIR%\microsoft.net\framework\v4.0.30319\msbuild.exe
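- ClassName: 'RegmonClass', WindowName: ''
- ClassName: 'FilemonClass', WindowName: ''
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: '' (судя по именам, эти три записи — классы окон утилит Sysinternals Regmon, Filemon и Process Monitor; поиск таких окон обычно означает проверку на запущенные средства анализа)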
- %HOMEPATH%\newdev\newdev.vbs
- %HOMEPATH%\newdev\capabilityaccessmanagerclient.exe
- %TEMP%\gameapp.exe
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020042120200422\index.dat
- http://ch#####.amazonaws.com/
- http://www.ge###ugin.net/json.gp?ip###############
- http://18#.###.102.232:5692/IRemotePanel via 18#.#48.102.232
- DNS ASK ch#####.amazonaws.com
- DNS ASK ge###ugin.net
- ClassName: 'Registry Monitor - Sysinternals: www.sysinternals.com' WindowName: ''
- ClassName: '18467-41' WindowName: ''
- ClassName: 'File Monitor - Sysinternals: www.sysinternals.com' WindowName: ''
- ClassName: 'Process Monitor - Sysinternals: www.sysinternals.com' WindowName: ''
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: 'Static' WindowName: ''
- '%TEMP%\gameapp.exe'
- '%WINDIR%\microsoft.net\framework\v4.0.30319\msbuild.exe'