Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Net.Tcp Authentication Log Search PC WMI] 'Start' = '00000002'
- 'C:\qvchmodcna\vckpffa.exe' "c:\qvchmodcna\amnayvjuinhm.exe"
- 'C:\qvchmodcna\amnayvjuinhm.exe'
- 'C:\qvchmodcna\nipemqcsqyugufjqazi.exe'
- C:\qvchmodcna\amnayvjuinhm.exe
- C:\qvchmodcna\vckpffa.exe
- C:\qvchmodcna\cluajluf
- %WINDIR%\qvchmodcna\frfaws7
- C:\qvchmodcna\frfaws7
- C:\qvchmodcna\nipemqcsqyugufjqazi.exe
- C:\qvchmodcna\vckpffa.exe
- C:\qvchmodcna\amnayvjuinhm.exe
- C:\qvchmodcna\nipemqcsqyugufjqazi.exe
- %WINDIR%\qvchmodcna\frfaws7
- DNS ASK hu####dindustry.net
- DNS ASK jo####yindustry.net
- DNS ASK jo####ybecame.net
- DNS ASK jo####ycontain.net
- DNS ASK hu####dbecame.net
- DNS ASK re#####rdiscover.net
- DNS ASK wo###wonder.net
- DNS ASK re####ermaster.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK wo####iscover.net
- DNS ASK re####erwonder.net
- ClassName: 'Shell_TrayWnd' WindowName: ''