Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\jhjslwlwi] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\jhjslwlwi] 'ImagePath' = '<SYSTEM32>\digital.exe jhjslwlwi'
- 'jhjslwlwi' <SYSTEM32>\digital.exe jhjslwlwi
- %WINDIR%\syswow64\digital.exe
- из <Полный путь к файлу> в %WINDIR%\syswow64\wostmp\_2111949825_1307034002
- '1.###.248.27':27930
- '11#.#3.15.166':27930
- '11#.#8.238.194':27930
- '11#.#93.17.179':27930
- '10#.#4.137.178':27930
- '91.#87.99.3':27930
- '82.##.198.189':27930
- '61.##4.50.237':27930
- '59.##.201.97':27930
- '58.##.147.71':27930
- '49.##.109.173':27930
- '46.##9.73.68':27930
- '11#.#19.252.204':27930
- '45.##0.39.74':27930
- '41.##.186.196':27930
- '37.##6.93.255':27930
- '36.##.33.170':27930
- '36.##.195.104':27930
- '36.##.37.188':27930
- '27.##.245.64':27930
- '<LOCALNET>.47.2':27930
- '2.##7.39.2':27930
- '<LOCALNET>.47.1':27930
- '45.##.254.221':18931
- '<LOCALNET>.47.0':27930
- '43.##5.21.60':27930
- '12#.#8.33.17':27930
- '%WINDIR%\syswow64\digital.exe' jhjslwlwi