Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Name Publication Video NetBIOS Process Level' = '%APPDATA%\Roaming\soonbbepzmzk\oxijlytxecr.exe'
- '%APPDATA%\Roaming\soonbbepzmzk\sxepdgiyvcd.exe' "%APPDATA%\Roaming\soonbbepzmzk\oxijlytxecr.exe"
- '%APPDATA%\Roaming\soonbbepzmzk\oxijlytxecr.exe'
- %APPDATA%\Roaming\soonbbepzmzk\oxijlytxecr.ug
- %APPDATA%\Roaming\soonbbepzmzk\sxepdgiyvcd.exe
- %APPDATA%\Roaming\soonbbepzmzk\oxijlytxecr.exe
- %APPDATA%\Roaming\soonbbepzmzk\sxepdgiyvcd.exe
- %APPDATA%\Roaming\soonbbepzmzk\oxijlytxecr.exe
- DNS ASK ei####however.net
- DNS ASK en####hperiod.net
- DNS ASK en####hhowever.net
- DNS ASK be####esingle.net
- DNS ASK ex####single.net
- DNS ASK ei####period.net
- DNS ASK en####hchoose.net
- DNS ASK ei####choose.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK en####halthough.net
- DNS ASK ei####although.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''