Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'kmyshare.exe' = '%APPDATA%\Microsoft\kmyshare.exe'
- <SYSTEM32>\cscript.exe
- %APPDATA%\2579041.bat
- %APPDATA%\Microsoft\kmyshare.exe
- '31.##2.210.86':8080
- '50.##.152.113':8080
- '16#.#48.214.137':8080
- '58.#7.0.5':8080
- '20#.#3.183.196':8080
- '69.#4.70.26':8080
- '50.##.152.124':8080
- '94.##.218.166':8080
- '69.##.69.191':8080
- ClassName: '(null)' WindowName: 'yzasxQU Z Sce'
- ClassName: '(null)' WindowName: 'xpykurtTvyOG'
- ClassName: '(null)' WindowName: 'txEnszz'
- ClassName: '(null)' WindowName: 'Qfuci '
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'NxhT'
- ClassName: '(null)' WindowName: 'kqAimc mP '
- ClassName: '(null)' WindowName: 'vhnDtm'
- ClassName: '(null)' WindowName: 'qjrQxGQC'
- ClassName: '(null)' WindowName: 'olaz sndiTY '
- ClassName: '(null)' WindowName: 'rOCpf nrI gZz '
- ClassName: '(null)' WindowName: 'nukztq '
- ClassName: '(null)' WindowName: ' rcPal'
- ClassName: '(null)' WindowName: ' Mnt'