Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\zxzxcyqhgcads.exe
- '%TEMP%\xarula\zxzxcyqhgcads.exe'
- '%TEMP%\xarula\zxzxcyqhgcads.exe' (загружен из сети Интернет)
- %TEMP%\xarula\zxzxcyqhgcads.exe
- 'po######engenharia.com.br':80
- po######engenharia.com.br/wp-admin/css/colors/light/zxzxcyqhgcads.exe
- DNS ASK po######engenharia.com.br
- ClassName: 'Shell_TrayWnd' WindowName: ''