Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{9CA4C501-5136-43f2-8F7A-877DE8B76059}] 'stubpath' = ''
- '<SYSTEM32>\inaexuhtj.exe'
- 'C:\[1.5.2]ЖЫЖ®АЗ_ЕлЗХјіДЎ±в(v2.05).exe'
- 'C:\server.exe'
- '<SYSTEM32>\userinit.exe'
- <SYSTEM32>\userinit.exe
- %TEMP%\nse3.tmp\Main.ini
- %TEMP%\190109_res.tmp
- %TEMP%\nse3.tmp\Form.ini
- %TEMP%\nse3.tmp\oncheck.ini
- %TEMP%\nse3.tmp\NSISdl.dll
- %TEMP%\nse3.tmp\AdvSplash.dll
- C:\[1.5.2]ЖЫЖ®АЗ_ЕлЗХјіДЎ±в(v2.05).exe
- C:\server.exe
- <SYSTEM32>\inaexuhtj.exe
- %TEMP%\spltmp.bmp
- <SYSTEM32>\inaexuhtj.exe_lang.ini
- %TEMP%\spltmp.bmp
- %TEMP%\190109_res.tmp в %TEMP%\190390_lang.dll
- 'pe###.tistory.com':80
- '36.##.60.187':414
- pe###.tistory.com/attachment/cfile28.uf@2779EA345275D28638CC3D.ini
- DNS ASK pe###.tistory.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'