Technical information
- [<HKLM>\SYSTEM\CurrentControlSet\Services\ddfbbdfbb8b86bf46dbbb6d0408f8866] 'ImagePath' = '%TEMP%\ddfbbdfbb8b86bf46dbbb6d0408f8866\ddfbbdfbb8b86bf46dbbb6d0408f8866.sys'
- [<HKLM>\System\CurrentControlSet\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B}] 'Start' = '00000000'
- [<HKLM>\System\CurrentControlSet\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B}] 'ImagePath' = 'system32\drivers\Wdf39836.sys'
- 'ddfbbdfbb8b86bf46dbbb6d0408f8866' %TEMP%\ddfbbdfbb8b86bf46dbbb6d0408f8866\ddfbbdfbb8b86bf46dbbb6d0408f8866.sys
- %TEMP%\ddfbbdfbb8b86bf46dbbb6d0408f8866\ddfbbdfbb8b86bf46dbbb6d0408f8866.sys