Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\stisvcSys] 'Start' = '00000002' (значение 2 — служба запускается автоматически при загрузке системы)
- '<SYSTEM32>\svchost.exe' -k netsvcs
- <SYSTEM32>\svchost.exe
- %ALLUSERSPROFILE%\Application Data\Mozilla\svchost.exe (имя совпадает с системным svchost.exe, но файл расположен вне <SYSTEM32>)
- %ALLUSERSPROFILE%\Application Data\Mozilla\UV9FXlFbb1NfWVQPBg.bin
- %ALLUSERSPROFILE%\Application Data\Mozilla\svchost.exe
- %ALLUSERSPROFILE%\Application Data\Mozilla\UV9FXlFbb1NfWVQPBg.bin
- '21#.#70.117.88':443
- 'co####trevel.com':80
- '80.##5.10.230':443
- co####trevel.com/NnbebryzFN-fIH/IiH6ew/S6WEvrycZtkoq/EI8twv0hb/YE0tulVXnk8lF3b.bml?Zr################################################################################
- co####trevel.com/VhvcTNMry4a3a/Net.m/QRJR9/jrQui1wJ6z.bG/008sKPfrZ1NQk.cgi?lD########################################################
- co####trevel.com/LlDSNDbZK9ZaaN60mSOQzsi/kwhz6J2K/Sej/WseSs9b2.Ec1g86XX6rv9JDs8PzUIESHDa-XmtDeHngPLy8bbn8e-Z.bml?Mo#################################################################################
- co####trevel.com/rxOFvooJt1aQhwGDG5Vwt8hi2PFo17sKYgrJEd.EHW7wV4Kn8XhIggZ8s3U.YtcfHMJSIeXKbejd1Ku61toPGjQOEb/nnq.vdNoV42TcIwCPnYcExN3pqfnCZag0uoUiUNTSy.VhKyJNp4w0uzR-f2okQTVsOTWSZ0cI06OIP.htm
- DNS ASK co####trevel.com
- ClassName: 'Shell_TrayWnd' WindowName: ''