Техническая информация
- [<HKLM>\SYSTEM\CurrentControlSet\Services\2Gs8fn6OzpQoP] 'ImagePath' = 'C:\Users\Public\Videos\srX4JU7aMqo6s6F.sys'
- [<HKLM>\System\CurrentControlSet\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B}] 'Start' = '00000000' (значение 0 — SERVICE_BOOT_START: драйвер запускается загрузчиком ОС на этапе загрузки системы)
- [<HKLM>\System\CurrentControlSet\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B}] 'ImagePath' = 'system32\drivers\IQHyyfB.sys'
- [<HKLM>\SYSTEM\CurrentControlSet\Services\qOoKjxA2GWl8z0] 'ImagePath' = 'C:\Users\Public\Videos\srX4JU7aMqo6s6F.sys'
- '2Gs8fn6OzpQoP' C:\Users\Public\Videos\srX4JU7aMqo6s6F.sys
- C:\users\public\videos\srx4ju7amqo6s6f.sys
- <SYSTEM32>\config\000000
- <SYSTEM32>\config\000000.log1
- <SYSTEM32>\config\000000 в <SYSTEM32>\config\system (запись вида «источник в назначение»; <SYSTEM32>\config\system — файл куста реестра SYSTEM)
- <SYSTEM32>\config\000000
- 'ip###ger.org':443 (символы «#» в именах узлов здесь и ниже, по-видимому, — маскировка в источнике, а не часть имени)
- 'microsoft.com':80
- 'h1.##cdm.com':80
- 'x1.##cdm.com':80
- 'd1.##cdm.com':443
- http://h1.##cdm.com/273wz0tliqzs
- DNS ASK ip###ger.org
- DNS ASK microsoft.com
- DNS ASK h1.##cdm.com
- DNS ASK x1.##cdm.com
- DNS ASK d1.##cdm.com