Техническая информация
- '%TEMP%\famudit.exe'
- '<SYSTEM32>\DllHost.exe' 0x788 dllhost.exe
- '<SYSTEM32>\conhost.exe' /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
- <Служебный элемент>
- %TEMP%\famudit.exe
- '69.##0.128.71':443
- '98.##4.11.253':443
- '66.##6.61.218':443
- '24.#9.25.40':443
- '98.##6.210.27':443
- '67.##9.210.131':443
- '17#.#16.247.74':443
- '76.##5.248.137':443
- '24.##8.217.188':443
- '98.##9.75.164':443
- '21#.#6.93.250':443
- '98.##2.64.184':443
- '69.##4.171.44':443
- '65.##.106.143':443
- '76.##.81.120':443
- '76.#8.92.4':443
- '66.##6.63.33':443
- '71.##.130.24':443
- '96.##.204.12':443
- '65.##.236.173':443
- '66.##7.223.219':443
- DNS ASK dn#.##ftncsi.com
- DNS ASK ic###azip.com
- ClassName: 'Shell_TrayWnd' WindowName: ''