Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Extensible BitLocker ActiveX Reporting Locator] 'Start' = '00000002'
- 'C:\bnfioaza\rhgzpds.exe' "c:\bnfioaza\brxclkf.exe"
- 'C:\bnfioaza\brxclkf.exe'
- 'C:\bnfioaza\tyv6uvqovfvy7qxt.exe'
- C:\bnfioaza\brxclkf.exe
- C:\bnfioaza\rhgzpds.exe
- C:\bnfioaza\xmjbeavf
- %WINDIR%\bnfioaza\myc5shtw
- C:\bnfioaza\myc5shtw
- C:\bnfioaza\tyv6uvqovfvy7qxt.exe
- C:\bnfioaza\rhgzpds.exe
- C:\bnfioaza\brxclkf.exe
- C:\bnfioaza\tyv6uvqovfvy7qxt.exe
- %WINDIR%\bnfioaza\myc5shtw
- DNS ASK wh####rcorner.net
- DNS ASK ri####pecial.net
- DNS ASK ri###corner.net
- DNS ASK th####flower.net
- DNS ASK fi####flower.net
- DNS ASK wh####rspecial.net
- DNS ASK ri###flower.net
- DNS ASK wh####rflower.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK ri###minute.net
- DNS ASK wh####rminute.net
- ClassName: 'Shell_TrayWnd' WindowName: ''