Техническая информация
- Автозапуск через ключ Run текущего пользователя: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'kmyshare.exe' = '%APPDATA%\Microsoft\kmyshare.exe'
- <SYSTEM32>\cscript.exe (консольный сервер сценариев Windows Script Host)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cacb7094[1].htm
- %APPDATA%\2925246.bat
- %APPDATA%\Microsoft\kmyshare.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cacb7094[1].htm
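- 'la###nhum.pw':80 (символы «#» в именах доменов здесь и ниже, по-видимому, заменяют скрытые символы; в таком виде имена непригодны для точного сопоставления)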
- 'ge###fobus.pw':80
- 'sa##ach.pw':80
- 'fo###inggeim.pw':80
- la###nhum.pw/88e6680f/cacb7094/
- ge###fobus.pw/88e6680f/cacb7094/
- sa##ach.pw/88e6680f/cacb7094/
- fo###inggeim.pw/88e6680f/cacb7094/
- DNS ASK la###nhum.pw
- DNS ASK ge###fobus.pw
- DNS ASK sa##ach.pw
- DNS ASK fo###inggeim.pw
- ClassName: '(null)' WindowName: 'f rce u jRd'
- ClassName: '(null)' WindowName: 'njC'
- ClassName: '(null)' WindowName: 'geykn'
- ClassName: '(null)' WindowName: 'qLxSizndzx u'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'zF '
- ClassName: '(null)' WindowName: 'inc k'
- ClassName: '(null)' WindowName: 'Lb fjtCT'
- ClassName: '(null)' WindowName: 'EDqiiohoiwv'
- ClassName: '(null)' WindowName: 'wL'
- ClassName: '(null)' WindowName: ' YP ixee aE'
- ClassName: '(null)' WindowName: 'odqhBXvQWyJMtBmY'
- ClassName: '(null)' WindowName: 'dkufjjq IpGt vd'
- ClassName: '(null)' WindowName: 'w ZXsxpMopz'
- ClassName: '(null)' WindowName: 'DoX Oxe P'