Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'lXIiaGfXeWxZIZisNWjoSbhOfx' = '<SYSTEM32>\cuPjPFTDUzp_pN.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\System Check.lnk
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\cuPjPFTDUzp_pN.exe
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- 'xu####mjcailul.tw':80
- 'wn####ywkcrvon.cc':80
- 'wa####abrnyqrb.in':80
- 'co####oeiycaiy.in':80
- 'nh####gdbuejxa.com':80
- 'nd####daxqhyla.net':80
- 'lc####ahotibpk.cc':80
- 'vl####tcnovwmi.in':80
- 'br####ecdtotav.com':80
- 'wg####pgvonkfb.com':80
- 'ad####bvneroxi.net':80
- 'ai####pvkdpijo.tw':80
- xu####mjcailul.tw/
- wn####ywkcrvon.cc/
- wa####abrnyqrb.in/
- co####oeiycaiy.in/
- nh####gdbuejxa.com/
- nd####daxqhyla.net/
- lc####ahotibpk.cc/
- vl####tcnovwmi.in/
- br####ecdtotav.com/
- wg####pgvonkfb.com/
- ad####bvneroxi.net/
- ai####pvkdpijo.tw/
- DNS ASK xu####mjcailul.tw
- DNS ASK wn####ywkcrvon.cc
- DNS ASK wa####abrnyqrb.in
- DNS ASK co####oeiycaiy.in
- DNS ASK nh####gdbuejxa.com
- DNS ASK nd####daxqhyla.net
- DNS ASK lc####ahotibpk.cc
- DNS ASK vl####tcnovwmi.in
- DNS ASK br####ecdtotav.com
- DNS ASK wg####pgvonkfb.com
- DNS ASK ad####bvneroxi.net
- DNS ASK ai####pvkdpijo.tw