Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Connections Policy Instrumentation Credential] 'Start' = '00000002'
- 'C:\fcismivtdfztoz\brtftzbu.exe' "c:\fcismivtdfztoz\kgpjahhxryql.exe"
- 'C:\fcismivtdfztoz\kgpjahhxryql.exe'
- 'C:\fcismivtdfztoz\iu7klbdwowtmvxjh38w.exe'
- C:\fcismivtdfztoz\kgpjahhxryql.exe
- C:\fcismivtdfztoz\brtftzbu.exe
- C:\fcismivtdfztoz\xh1rojekxow
- %WINDIR%\fcismivtdfztoz\qeabieuynd
- C:\fcismivtdfztoz\qeabieuynd
- C:\fcismivtdfztoz\iu7klbdwowtmvxjh38w.exe
- C:\fcismivtdfztoz\brtftzbu.exe
- C:\fcismivtdfztoz\kgpjahhxryql.exe
- C:\fcismivtdfztoz\iu7klbdwowtmvxjh38w.exe
- %WINDIR%\fcismivtdfztoz\qeabieuynd
- DNS ASK st####arrive.net
- DNS ASK tr###office.net
- DNS ASK tr###arrive.net
- DNS ASK ga####supply.net
- DNS ASK be####supply.net
- DNS ASK st####office.net
- DNS ASK tr###supply.net
- DNS ASK st####supply.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK tr####istance.net
- DNS ASK st####distance.net
- ClassName: 'Shell_TrayWnd' WindowName: ''