Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ejqbeqe.dll' = '<SYSTEM32>\rundll32.exe <SYSTEM32>\ejqbeqe.dll,mussfnd'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\ejqbeqe.dll,mussfnd
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\QgaHo26bYGAjqj95DIK1[1]
- <SYSTEM32>\qyomnsg.dll
- <SYSTEM32>\ejqbeqe.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\QgaHo26bYGAjqj95DIK1[1]
- '20#.#26.177.108':80
- 'localhost':1035
- 20#.#26.177.108/SF/QgaHo26bYGAjqj95DIK1