Техническая информация
- [<HKCU>\software\microsoft\windows\currentversion\run] '{1HO4OZHH-182872-GOV4VF-GOV4VFOOPE}' = '"%TEMP%\Xcnuffeymwkwcb.exe" ..'
- [<HKCU>\software\microsoft\windows\currentversion\run] '{1HO4OZHH-182872-GOV4VF-GOV4VFOOPE}' = '"%APPDATA%\SecurityHealthSystrayt.exe" ..'
- securityhealthsystrayt.exe
- %TEMP%\xcnuffeymwkwcb.exe
- %TEMP%\vyntc.exe
- %APPDATA%\securityhealthsystrayt.exe
- 'Mj#####82.portmap.io':49682
- DNS ASK Mj#####82.portmap.io
- DNS ASK mi#####dia.sytes.net
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%TEMP%\xcnuffeymwkwcb.exe'
- '%TEMP%\vyntc.exe'
- '%APPDATA%\securityhealthsystrayt.exe'