Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\hlgxbtxqrkzzn2huyw.lnk
- %LOCALAPPDATA%\wiatrace.log
- %LOCALAPPDATA%\xqkmideu2xtsd6mogw\oxcti4bkjm6yltd.wsf
- %APPDATA%\tzywilrqvuweht.zip
- %APPDATA%\jxocbb~1\mxxuqujdkjgnp.db
- %APPDATA%\jxocbb~1\pawuqsexqyhadnshwg.db
- %APPDATA%\jxocbb~1\mxxuqujdkjgnp.exe
- %LOCALAPPDATA%\xqkmideu2xtsd6mogw\oxcti4bkjm6yltd.wsf
- %APPDATA%\tzywilrqvuweht.zip
- http://63.##0.42.87/Qqgplkgwxenygj/Vkynkjpyeqcjpj/Mcgehspubnl/Njxsuepsgugxyv/Tzywilrqvuweht.db
- '<SYSTEM32>\wscript.exe' "%LOCALAPPDATA%\xqkmidEU2xTsd6MOgW\OXCTI4bkJm6YLtd.wsf"