Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '%APPDATA%\cKDfOvklFSdFIQH.exe'
- '%APPDATA%\cKDfOvklFSdFIQH.exe'
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\config\systemprofile\Application Data\d6r5g4da.db
- %APPDATA%\cKDfOvklFSdFIQH.exe
- '74.##5.232.51':80
- DNS ASK st###.l.google.com
- DNS ASK st##.#oipstunt.com
- DNS ASK google.com
- '74.##5.232.51':19302
- 'st##.#oipstunt.com':3478
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''