Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Intel Wired Network Adapter' = '"%APPDATA%\roaming\Intel Wired Network Adapter\conhost.exe"'
- '%TEMP%\iexplore.exe' -mon
- '%APPDATA%\roaming\Intel Wired Network Adapter\conhost.exe' "<Полный путь к вирусу>"
- <Текущая директория>\check
- %TEMP%\iexplore.exe
- %APPDATA%\Roaming\Intel Wired Network Adapter\conhost.exe
- '18#.#1.138.148':443
- DNS ASK fs####32hk43.com
- DNS ASK sk####ngjjx84.com
- DNS ASK ds####jj329910.com
- DNS ASK ha##an.io
- DNS ASK dn#.##ftncsi.com
- DNS ASK af####n48930.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''