Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Grouping Base Panel Profile Awareness Server] 'Start' = '00000002'
- 'C:\ejcfazjrqrwdz\ccjkejvuvgi.exe' "c:\ejcfazjrqrwdz\emhodvwv.exe"
- 'C:\ejcfazjrqrwdz\emhodvwv.exe'
- 'C:\ejcfazjrqrwdz\szhxvyjpgutv0x.exe'
- C:\ejcfazjrqrwdz\emhodvwv.exe
- C:\ejcfazjrqrwdz\ccjkejvuvgi.exe
- C:\ejcfazjrqrwdz\ggjlpdzknn
- %WINDIR%\ejcfazjrqrwdz\twmqha5qz4c
- C:\ejcfazjrqrwdz\twmqha5qz4c
- C:\ejcfazjrqrwdz\szhxvyjpgutv0x.exe
- C:\ejcfazjrqrwdz\ccjkejvuvgi.exe
- C:\ejcfazjrqrwdz\emhodvwv.exe
- C:\ejcfazjrqrwdz\szhxvyjpgutv0x.exe
- %WINDIR%\ejcfazjrqrwdz\twmqha5qz4c
- DNS ASK th####minute.net
- DNS ASK fi####minute.net
- DNS ASK fi####special.net
- DNS ASK fi####corner.net
- DNS ASK th####special.net
- DNS ASK th####flower.net
- DNS ASK wh####rcorner.net
- DNS ASK ri####pecial.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK fi####flower.net
- DNS ASK ri###corner.net
- ClassName: 'Shell_TrayWnd' WindowName: ''