Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Registry Key Configuration Studio Config Sharing' = '%APPDATA%\Roaming\zsrmfialdy\yrkvcojnbpt.exe'
- '%APPDATA%\Roaming\zsrmfialdy\axqmlggey.exe' "%APPDATA%\Roaming\zsrmfialdy\yrkvcojnbpt.exe"
- '%APPDATA%\Roaming\zsrmfialdy\yrkvcojnbpt.exe'
- %APPDATA%\Roaming\zsrmfialdy\yrkvcojnbpt.ec
- %APPDATA%\Roaming\zsrmfialdy\axqmlggey.exe
- %APPDATA%\Roaming\zsrmfialdy\yrkvcojnbpt.exe
- %APPDATA%\Roaming\zsrmfialdy\yrkvcojnbpt.exe
- DNS ASK pr####course.net
- DNS ASK do####course.net
- DNS ASK do###rwomen.net
- DNS ASK fe###wclean.net
- DNS ASK pr###ywomen.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK do###rclean.net
- DNS ASK pr###yclean.net
- DNS ASK pr###ypaint.net
- DNS ASK do###rpaint.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''