Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\AService] 'Start' = '00000002'
- 'C:\ProgramData\Smrse.exe'
- 'C:\ProgramData\Smrsa.exe'
- <SYSTEM32>\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3PNY1M8\rhjm874_bj_mo-vx_sgv[1]
- C:\ProgramData\DisrIbs.dll
- <SYSTEM32>\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NL36OFJC\rfr[1]
- C:\ProgramData\Smrse.exe
- C:\ProgramData\Smrsa.exe
- 'www.nf#######sigwkjasdtribeq.bol':80
- 'www.rh#####.bj.mo-vx.sgv':80
- 'localhost':50052
- www.nf#######sigwkjasdtribeq.bol/pw/rfr
- www.rh#####.bj.mo-vx.sgv/
- DNS ASK www.nf#######sigwkjasdtribeq.bol
- DNS ASK www.rh#####.bj.mo-vx.sgv