Technical information
- <SYSTEM32>\tasks\aultur
- %TEMP%\quep.dll
- %TEMP%\plot
- %TEMP%\quep.dll
- %APPDATA%\sumter\telmuch.dll
- %TEMP%\plot
- '<SYSTEM32>\rundll32.exe' "%APPDATA%\sumter\telmuch.dll", vlta' (with hidden window)
- '%CommonProgramFiles%\microsoft shared\equation\eqnedt32.exe' -Embedding
- '<SYSTEM32>\taskeng.exe' {937CAB9B-93B0-4F3B-857D-49002EAB77FA} S-1-5-21-1960123792-2022915161-3775307078-1001:wizfvi\user:Interactive:[1]
- '<SYSTEM32>\rundll32.exe' "%APPDATA%\sumter\telmuch.dll", vlta