Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\cjwrsxcnhmrvm.lnk
- %LOCALAPPDATA%\wiatrace.log
- %LOCALAPPDATA%\4zt6unkk6luitcistkz7tmw7ljaudrapjc\klggjomkzjbkox18vcej8khuou0lvcynsir.wsf
- %APPDATA%\fhdzsfsfwoeyvwfbz.zip
- %APPDATA%\dcpp0x~1\mxxuqujdkjgnp.db
- %APPDATA%\dcpp0x~1\pawuqsexqyhadnshwg.db
- %APPDATA%\dcpp0x~1\mxxuqujdkjgnp.exe
- %LOCALAPPDATA%\4zt6unkk6luitcistkz7tmw7ljaudrapjc\klggjomkzjbkox18vcej8khuou0lvcynsir.wsf
- %APPDATA%\fhdzsfsfwoeyvwfbz.zip
- http://16#.#13.255.234/Xjyzmzmfm/Ctejxnemv/Fwqmfvmtcyquqklqh/Kimldbhgbia/Fhdzsfsfwoeyvwfbz.db
- '<SYSTEM32>\wscript.exe' "%LOCALAPPDATA%\4zT6UnKk6LuItCIStkz7TmW7LjauDraPjc\klGGJomkZjBKox18VCej8KhUOu0LvCyNsiR.wsf"