Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Publication Tools Interactive' = '%APPDATA%\Roaming\jcumcsheke\bsgdergurujq.exe'
- '%APPDATA%\Roaming\jcumcsheke\ynlnffh.exe' "%APPDATA%\Roaming\jcumcsheke\bsgdergurujq.exe"
- '%APPDATA%\Roaming\jcumcsheke\bsgdergurujq.exe'
- %APPDATA%\Roaming\jcumcsheke\bsgdergurujq.pssar
- %APPDATA%\Roaming\jcumcsheke\ynlnffh.exe
- %APPDATA%\Roaming\jcumcsheke\bsgdergurujq.exe
- %APPDATA%\Roaming\jcumcsheke\bsgdergurujq.exe
- DNS ASK en####hduring.net
- DNS ASK ei####during.net
- DNS ASK ex###tclear.net
- DNS ASK ex####general.net
- DNS ASK be####eclear.net
- DNS ASK en####hindeed.net
- DNS ASK ei####notice.net
- DNS ASK en####hlength.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK ei####indeed.net
- DNS ASK en####hnotice.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''