Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'kmyckuum.exe' = '"%APPDATA%\Identities\kmyckuum.exe"'
- <SYSTEM32>\cmd.exe
- %APPDATA%\ms2454029.bat
- %APPDATA%\Identities\kmyckuum.exe
- %APPDATA%\ms2454029.bat
- '20#.#6.232.182':80
- 20#.#6.232.182/
- DNS ASK www.microsoft.com
- ClassName: '' WindowName: 'N dFvUjr'
- ClassName: '' WindowName: 'snsGexBfxAVc'
- ClassName: '' WindowName: 'epKbwMgkDvvl vl'
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: 'aUqen'
- ClassName: '' WindowName: ' QMS'
- ClassName: '' WindowName: 'Sfji y qbbjw'
- ClassName: '' WindowName: 'e QgUprqF zt'
- ClassName: '' WindowName: ' QiiUc zF'
- ClassName: '' WindowName: 'hZqhxzwwnR'