Техническая информация
- '%TEMP%\cachedump.exe'
- '%TEMP%\cachedump.exe' -s
- '%TEMP%\pwdump.exe'
- '%TEMP%\imokav.exe'
- <SYSTEM32>\lsass.exe
- <Текущая директория>\127.0.0.1.pwdump
- %TEMP%\pstgdump.exe
- <Текущая директория>\127.0.0.1.cachedump
- <LS_APPDATA>\ApplicationHistory\cachedump.exe.2efaef56.ini
- %TEMP%\cachedump.exe
- %TEMP%\imokav.exe
- %TEMP%\pwdump.exe
- %TEMP%\fgexec.exe
- %TEMP%\lstarget.dll
- %TEMP%\lstarget.dll
- %TEMP%\fgexec.exe
- %TEMP%\pwdump.exe
- %TEMP%\imokav.exe
- %TEMP%\cachedump.exe
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\security.config.cch.2404.203750
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch.2424.206312
- %TEMP%\pstgdump.exe
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch.2404.203765
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\security.config.cch в %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\security.config.cch.2404.203750
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch в %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch.2424.206312
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch.new в %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch в %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch.2404.203765