Техническая информация
- '%TEMP%\elevasg.exe'
- '<SYSTEM32>\taskeng.exe' /pid=0x8c0 /log
- '<SYSTEM32>\conhost.exe' /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
- <Служебный элемент>
- %TEMP%\elevasg.exe
- '17#.#6.251.208':443
- '18#.#55.165.154':443
- '10#.#6.226.85':443
- '24.##0.92.193':443
- '18#.#55.169.176':443
- '75.##7.112.81':443
- '17#.#16.240.56':443
- '68.##0.246.142':443
- '17#.#48.29.43':443
- '76.##5.248.137':443
- '67.##9.210.131':443
- '24.##8.217.188':443
- '98.##9.75.164':443
- '69.#.204.16':443
- '77.##.30.156':443
- '17#.#16.247.74':443
- '64.##1.36.35':443
- DNS ASK dn#.##ftncsi.com
- DNS ASK ic###azip.com
- ClassName: 'Shell_TrayWnd' WindowName: ''