Техническая информация
- Автозапуск через ключ реестра Run (запуск при входе пользователя в систему): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VFXGNxv++pP' = '<LS_APPDATA>\Microsoft\Windows\akvorfv.exe'
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\QWRsN2srdjlxUUdDYVp0aTBMUzl2K2V1bTEvaXp4NlBxNUJjbE9OMjJ6QzZuWHkyYldtcjBvZ0p0ZENJTlZWKzRXcWdhT0xQU001Q2pjZUg2djJabEJDRzhabVo4RldBWkVjeXdVWVE2Q3RNOGR4cmtFWW[1]
- %TEMP%\ziwlzldsn.tmp
- <LS_APPDATA>\Microsoft\Windows\akvorfv.exe
- %TEMP%\ziwlzldsn.tmp
- 'to#####knetwork.in.net':80
- to#####knetwork.in.net/QWRsN2srdjlxUUdDYVp0aTBMUzl2K2V1bTEvaXp4NlBxNUJjbE9OMjJ6QzZuWHkyYldtcjBvZ0p0ZENJTlZWKzRXcWdhT0xQU001Q2pjZUg2djJabEJDRzhabVo4RldBWkVjeXdVWVE2Q3RNOGR4cmtFWWphMlk5
- to#####knetwork.in.net/
- DNS ASK to#####knetwork.in.net
- ClassName: 'Indicator' WindowName: '(null)'