Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'NT32service' = 'C:\RECYCLER\cd78bxs.vbs'
- C:\RECYCLER\svchost.exe
- %TEMP%\tmp5.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\tmp6.tmp
- %TEMP%\tmp8.tmp
- %TEMP%\tmp7.tmp
- C:\RECYCLER\svchost.exe
- C:\RECYCLER\cd78bxs.vbs
- %TEMP%\tmp1.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\tmp2.tmp
- C:\RECYCLER\cd78bxs.vbs
- C:\RECYCLER\svchost.exe
- '93.##8.134.11':465
- DNS ASK sm##.yandex.ru