Техническая информация
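- <SYSTEM32>\tasks\usbdriverloggingver6.67 (файл задания Планировщика заданий; его имя совпадает с задачей «USBDriverLoggingver6.67», которую создаёт приведённая ниже команда schtasks /create: запуск при входе пользователя (/sc onlogon) с наивысшими привилегиями (/rl highest), то есть закрепление в системе)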
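- ClassName: 'OLLYDBG', WindowName: '' (параметры поиска окна; 'OLLYDBG' — класс окна отладчика OllyDbg, то есть, по-видимому, это проверка на наличие средства анализа)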
- %TEMP%\5b9htlvhrmuyvkcuznyzcvbnn4tcarbp.exe
- %TEMP%\hkb9ofsga3pmfppdg3uskkjkkveybshj.exe
- %TEMP%\usb driver logging ver 6.67\usbdriverloggingver6.67.exe
- %TEMP%\tmpb8d3.tmp.bat
- nul
- %TEMP%\hkb9ofsga3pmfppdg3uskkjkkveybshj.exe
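- 'clients3.google.com':80 (легитимный домен Google; вероятно, используется для проверки доступности сети и сам по себе индикатором компрометации не является)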
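- 'we#######e.ultimate-mailer.com':443 (символы «#», по-видимому, маскируют часть значения в исходном отчёте; полное имя на странице не приведено)
- '13#.#43.113.69':2729 (адрес также частично замаскирован; нестандартный порт 2729)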
- 'we#######e.ultimate-mailer.com':443
- DNS ASK clients3.google.com
- DNS ASK we#######e.ultimate-mailer.com
- '%TEMP%\5b9htlvhrmuyvkcuznyzcvbnn4tcarbp.exe'
- '%TEMP%\hkb9ofsga3pmfppdg3uskkjkkveybshj.exe'
- '%TEMP%\usb driver logging ver 6.67\usbdriverloggingver6.67.exe'
- '%WINDIR%\syswow64\cmd.exe' /c schtasks /create /f /sc onlogon /rl highest /tn "USBDriverLoggingver6.67" /tr '"%TEMP%\USB Driver Logging ver 6.67\USBDriverLoggingver6.67.exe"' & exit' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c schtasks /create /f /sc onlogon /rl highest /tn "USBDriverLoggingver6.67" /tr '"%TEMP%\USB Driver Logging ver 6.67\USBDriverLoggingver6.67.exe"' & exit
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\tmpB8D3.tmp.bat""
- '%WINDIR%\syswow64\timeout.exe' 3
- '%WINDIR%\syswow64\schtasks.exe' /create /f /sc onlogon /rl highest /tn "USBDriverLoggingver6.67" /tr '"%TEMP%\USB Driver Logging ver 6.67\USBDriverLoggingver6.67.exe"'