Техническая информация
- '%TEMP%\busedos.exe'
- '<SYSTEM32>\wbem\wmiprvse.exe' /pid=0xa6c /log
- '<SYSTEM32>\conhost.exe' /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
- <Служебный элемент>
- %TEMP%\busedos.exe
- %TEMP%\WERD805.tmp
- '18#.#55.149.118':443
- '10#.#6.232.219':443
- '18#.#55.236.184':443
- '18#.#55.147.104':443
- '18#.#55.153.115':443
- '18#.#55.152.190':443
- '18#.#55.134.174':443
- '18#.#55.249.28':443
- '95.##3.130.63':443
- '96.##.99.215':443
- '19#.#06.166.22':443
- '17#.#22.250.35':443
- '79.##1.42.247':443
- '18#.#55.168.97':443
- '94.##4.107.172':443
- DNS ASK dn#.##ftncsi.com
- DNS ASK ic###azip.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'BSWindow' WindowName: 'ACClass'