Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'chromenet' = '"%APPDATA%\chromenet.exe" +e'
- User Account Control (UAC)
- '%APPDATA%\wget.exe' -O "%APPDATA%\arsiv.exe" "MZђ"
- '%APPDATA%\chromenet.exe' +e
- '<SYSTEM32>\taskkill.exe' /IM chrome.exe /F
- chrome.exe
- %APPDATA%\wget.exe
- %APPDATA%\bg.txt
- %APPDATA%\manifest.json
- %APPDATA%\chromenet.exe
- %APPDATA%\pingjs.js
- %APPDATA%\hash.txt
- %APPDATA%\pingjs.js
- 'sc####lesapps.com':80
- 'mu####acivan.com':80
- '74.##5.232.51':80
- 'wh##.amung.us':80
- mu####acivan.com/coderes2/background.js
- mu####acivan.com/coderes2/manifest.json
- wh##.amung.us/pingjs/?k=##########
- sc####lesapps.com/exelink.txt
- DNS ASK sc####lesapps.com
- DNS ASK mu####acivan.com
- DNS ASK www.google.com
- DNS ASK wh##.amung.us
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'AutoHotkey' WindowName: '%APPDATA%\chromenet.exe'
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''