Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'BitLocker Call Controls Grouping' = '%APPDATA%\Roaming\lncbegbadjbtggv\iapxfcbbaucu.exe'
- '%APPDATA%\Roaming\lncbegbadjbtggv\zouqlpcf.exe' "%APPDATA%\Roaming\lncbegbadjbtggv\iapxfcbbaucu.exe"
- '%APPDATA%\Roaming\lncbegbadjbtggv\iapxfcbbaucu.exe'
- %APPDATA%\Roaming\lncbegbadjbtggv\iapxfcbbaucu.wj
- %APPDATA%\Roaming\lncbegbadjbtggv\zouqlpcf.exe
- %APPDATA%\Roaming\lncbegbadjbtggv\iapxfcbbaucu.exe
- %APPDATA%\Roaming\lncbegbadjbtggv\iapxfcbbaucu.exe
- DNS ASK ri####urprise.net
- DNS ASK wh####rsurprise.net
- DNS ASK wh####rbeside.net
- DNS ASK wh####rletter.net
- DNS ASK ri###beside.net
- DNS ASK fo#####different.net
- DNS ASK su####letter.net
- DNS ASK fo####nbeside.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK su####different.net
- DNS ASK fo####nletter.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''