Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ZDYY' = '%WINDIR%\svchosc.exe'
- '%WINDIR%\svchosc.exe'
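- '<SYSTEM32>\fange\10000876№э·З·Ё2345ДЈїйІејю.exe' fan (нелатинская часть имени — байты в кодировке GBK, отображённые как Windows-1251; при декодировании получается «过非法2345模块插件»; то же относится к остальным вхождениям этого имени в списке)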
- '<SYSTEM32>\fange\10031797<Имя вируса>.exe' fan
- 'C:\№э·З·Ё2345ДЈїйІејю.exe'
- <SYSTEM32>\fange\10000876№э·З·Ё2345ДЈїйІејю.exe
- <SYSTEM32>\fange\8X3LE7T.sys
- %WINDIR%\svchosc.exe
- <SYSTEM32>\fange\10031797<Имя вируса>.exe
- C:\№э·З·Ё2345ДЈїйІејю.exe
- <SYSTEM32>\fange\8X3LE7T.sys
- DNS ASK dn#.##ftncsi.com
- DNS ASK ji#####wnload.2345.cn
- ClassName: 'Button' WindowName: '3'
- ClassName: 'Button' WindowName: '4'
- ClassName: 'Button' WindowName: '5'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Button' WindowName: '1'
- ClassName: 'Button' WindowName: '2'
- ClassName: 'Button' WindowName: '6'
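- ClassName: 'Button' WindowName: 'И·¶Ё' (GBK, отображённый как Windows-1251; при декодировании — «确定», т. е. кнопка «ОК»)
- ClassName: '#32770' WindowName: 'ДЈїйМбКѕ' (при декодировании из GBK — «模块提示»)
- ClassName: 'WTWindow' WindowName: 'Инјю±¦' (при декодировании из GBK — «软件宝»)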
- ClassName: 'Button' WindowName: '7'
- ClassName: 'Button' WindowName: '8'
- ClassName: 'Button' WindowName: '9'