Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'f37270a9-a50e-4f0e-9bb2-dac34d478c68' = '%APPDATA%\tbjfg\tbjfg.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'f37270a9-a50e-4f0e-9bb2-dac34d478c68' = '%APPDATA%\tbjfg\tbjfg.exe'
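- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Associations] 'LowRiskFileTypes' = '.exe;.bat;.reg;.vbs;' (файлы перечисленных типов помечаются как низкорисковые, поэтому Диспетчер вложений Windows не показывает предупреждение безопасности при их открытии; наличие этого значения стоит проверять при расследовании)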
- %APPDATA%\tbjfg\tbjfg.exe
- 'e7#########f8f03a040d08bb08ec07a.com':80
- '71#########6fa32811804d23765cda4.com':80
- '11#########7fbea1ab8f9aa7a107648.com':80
- 'e7#########e1bdfd691a80c783173b4.com':80
- 'fa#########555b68aa095335975e613.com':80
- '67#########778101892eb77249db32e.com':80
- '81#########f1b7ba9c0998e2aa8a7b4.com':80
- e7#########f8f03a040d08bb08ec07a.com/
- 71#########6fa32811804d23765cda4.com/
- 11#########7fbea1ab8f9aa7a107648.com/
- e7#########e1bdfd691a80c783173b4.com/
- fa#########555b68aa095335975e613.com/portal1/gateway.php
- 67#########778101892eb77249db32e.com/
- 81#########f1b7ba9c0998e2aa8a7b4.com/
- DNS ASK e7#########f8f03a040d08bb08ec07a.com
- DNS ASK 71#########6fa32811804d23765cda4.com
- DNS ASK 11#########7fbea1ab8f9aa7a107648.com
- DNS ASK e7#########e1bdfd691a80c783173b4.com
- DNS ASK fa#########555b68aa095335975e613.com
- DNS ASK 67#########778101892eb77249db32e.com
- DNS ASK 81#########f1b7ba9c0998e2aa8a7b4.com
- ClassName: 'Indicator' WindowName: ''