Техническая информация
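- [<HKLM>\SYSTEM\ControlSet001\services\Tunneling Firewall Visual Biometric Disk] 'Start' = '00000002' (значение Start = 2 задаёт автоматический запуск службы при загрузке системы, то есть эта запись обеспечивает автозапуск)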
- 'C:\ffbdvuzau\wlehryogo.exe' "c:\ffbdvuzau\npjagpmn.exe"
- 'C:\ffbdvuzau\npjagpmn.exe'
- 'C:\ffbdvuzau\yb8t2iokefxeivng.exe'
- C:\ffbdvuzau\npjagpmn.exe
- C:\ffbdvuzau\wlehryogo.exe
- C:\ffbdvuzau\ewbxfxj
- %WINDIR%\ffbdvuzau\z6gyurtber1
- C:\ffbdvuzau\z6gyurtber1
- C:\ffbdvuzau\yb8t2iokefxeivng.exe
- C:\ffbdvuzau\wlehryogo.exe
- C:\ffbdvuzau\npjagpmn.exe
- C:\ffbdvuzau\yb8t2iokefxeivng.exe
- %WINDIR%\ffbdvuzau\z6gyurtber1
- DNS ASK ni###thrown.net
- DNS ASK de###estorm.net
- DNS ASK de####thrown.net
- DNS ASK ca####nhunger.net
- DNS ASK la###hunger.net
- DNS ASK ni####raining.net
- DNS ASK de####hunger.net
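- DNS ASK dn#.##ftncsi.com (судя по маске, вероятно, dns.msftncsi.com — штатная проверка сетевого подключения Windows (NCSI); сам по себе такой запрос не является индикатором заражения)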
- DNS ASK ni###storm.net
- DNS ASK de####training.net
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)