Техническая информация
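- Автозапуск (значение в ключе Run текущего пользователя, исполняемый файл запускается при входе в систему): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '55c220233b14a7b3a2b3f3db8a2fc77f' = 'C:\ProgramData\Default.exe'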
- <LS_APPDATA>\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28\Policy.vpol
- %APPDATA%\Roaming\Microsoft\Protect\S-1-5-21-2832440558-3064306045-1455513625-1000\2a06bf64-b85a-413f-bfdf-e147af904302
- C:\ProgramData\Browsers.txt
- C:\ProgramData\BVNSEUHJ_Март_3_10_04_1.jpg
- C:\ProgramData\Default.exe
- C:\ProgramData\Microsoft\Vault\AC658CB4-9126-49BD-B877-31EEDAB3F204\Policy.vpol
- <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\cd25d9c2-ad7a-4cc5-9094-871f5f02ce76
- C:\ProgramData\Microsoft\Vault\AC658CB4-9126-49BD-B877-31EEDAB3F204\3CCD5499-87A8-4B10-A215-608888DD3B55.vsch
- \Device\Mup\BVNSEUHJ*\MAILSLOT\NET\NETLOGON
- C:\ProgramData\Microsoft\Vault\AC658CB4-9126-49BD-B877-31EEDAB3F204\2F1A6504-0641-44CF-8BB5-3612D865F2E5.vsch
- C:\ProgramData\BVNSEUHJ_Март_3_10_04_1.jpg
- DNS ASK dn#.##ftncsi.com
- DNS ASK te####logs.esy.es
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''