Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{E1PEUYXK-CJYY-AEZ5-QQI1-B9EUT2DALPZU}] 'StubPath' = '%APPDATA%\wtnkhost.exe'
- [<HKCU>\Software\Microsoft\Active Setup\Installed Components\{E1PEUYXK-CJYY-AEZ5-QQI1-B9EUT2DALPZU}] 'StubPath' = '%APPDATA%\wtnkhost.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'wtnkhost' = '%APPDATA%\wtnkhost.exe'
- <SYSTEM32>\cmd.exe /c ""%TEMP%\KjooFTWG7vK4i5ER.bat" "
- %APPDATA%\wtnkhost.exe
- %TEMP%\KjooFTWG7vK4i5ER.bat
- 'te###.#yndns-wiki.com':977
- DNS ASK te###.#yndns-wiki.com
- '<IP-адрес в локальной сети>':1037
- ClassName: 'Indicator' WindowName: ''