Техническая информация
- '%TEMP%\pagePXM.exe'
- '<SYSTEM32>\taskeng.exe' /pid=0x440 /log
- '<SYSTEM32>\conhost.exe' /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
- <Служебный элемент>
- %TEMP%\pagePXM.exe
- %TEMP%\PXMInstall.log
- '20#.#23.130.173':443
- '17#.#14.221.89':443
- '72.##0.82.80':443
- '68.#19.5.32':443
- '98.##4.215.92':443
- '17#.#48.22.227':443
- '17#.#43.255.79':443
- '69.#.204.114':443
- '17#.#48.27.163':443
- '17#.#48.31.1':443
- '17#.#48.31.6':443
- '18#.#55.165.154':443
- '17#.#16.240.56':443
- '17#.#6.251.208':443
- '10#.#6.226.85':443
- '24.##0.92.193':443
- '68.##0.246.142':443
- '21#.#54.231.11':443
- '24.##.131.116':443
- '69.##3.81.211':443
- '18#.#55.169.176':443
- '75.##7.112.81':443
- DNS ASK dn#.##ftncsi.com
- DNS ASK ic###azip.com
- ClassName: 'Shell_TrayWnd' WindowName: ''