Technical information
- User Account Control (UAC)
- '%PROGRAM_FILES%\Probot\MAP1.exe'
- '%PROGRAM_FILES%\Probot\probot.exe'
- '%PROGRAM_FILES%\Probot\0yunMac.exe'
- '<SYSTEM32>\regsvr32.exe' /s AutoItX3.dll
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\Preferred
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\8986bdb8-13f6-43e9-b91b-0c4bb8192768
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\koxp.alcazer[1].1-19991
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-2052111302-484763869-725345543-1003\88603cb2913a7df3fbd16b5f958e6447_23ef5514-3059-436f-a4a7-4cefaab20eb1
- %PROGRAM_FILES%\Probot\MAP1.exe
- %PROGRAM_FILES%\Probot\0yunMac.exe
- %PROGRAM_FILES%\Probot\AutoItX3.dll
- %PROGRAM_FILES%\Probot\probot.exe
- 'ko##.#lcazer.com':80
- 'localhost':1036
- ko##.#lcazer.com/?Pr#####################
- DNS ASK ko##.#lcazer.com
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'