Техническая информация
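- [<HKLM>\SYSTEM\ControlSet001\services\Support Cache Instrumentation Human] 'Start' = '00000002' (значение Start = 2 — автоматический запуск службы при загрузке системы, то есть закрепление в системе через службу)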
- 'C:\kowqkwjyvqcoj\kefhrajh.exe' "c:\kowqkwjyvqcoj\hdtsldtexnxl.exe"
- 'C:\kowqkwjyvqcoj\hdtsldtexnxl.exe'
- 'C:\kowqkwjyvqcoj\t28ca0gx5zbrrlkwwx1.exe'
- C:\kowqkwjyvqcoj\hdtsldtexnxl.exe
- C:\kowqkwjyvqcoj\kefhrajh.exe
- C:\kowqkwjyvqcoj\horqv5twpcog
- %WINDIR%\kowqkwjyvqcoj\wcb7aleon
- C:\kowqkwjyvqcoj\wcb7aleon
- C:\kowqkwjyvqcoj\t28ca0gx5zbrrlkwwx1.exe
- C:\kowqkwjyvqcoj\kefhrajh.exe
- C:\kowqkwjyvqcoj\hdtsldtexnxl.exe
- C:\kowqkwjyvqcoj\t28ca0gx5zbrrlkwwx1.exe
- %WINDIR%\kowqkwjyvqcoj\wcb7aleon
- DNS ASK wo###apple.net
- DNS ASK re####erfather.net
- DNS ASK re####erapple.net
- DNS ASK re####erbuilt.net
- DNS ASK wo###built.net
- DNS ASK fo###tcarry.net
- DNS ASK in####sebuilt.net
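- DNS ASK dn#.##ftncsi.com (судя по маске, вероятно, dns.msftncsi.com — служебный домен проверки сетевого подключения Windows (NCSI); сам по себе такой запрос не является индикатором компрометации)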
- DNS ASK wo###father.net
- DNS ASK in####secarry.net
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)