Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Launcher Workstation RPC Call] 'Start' = '00000002'
- 'C:\jtnsbxsy\nbkuisgx.exe' "c:\jtnsbxsy\epvtmxo.exe"
- 'C:\jtnsbxsy\epvtmxo.exe'
- 'C:\jtnsbxsy\mxyzg8c9kmh7o1v2s5.exe'
- C:\jtnsbxsy\epvtmxo.exe
- C:\jtnsbxsy\nbkuisgx.exe
- C:\jtnsbxsy\hfupkveuu
- %WINDIR%\jtnsbxsy\ecyftbm0
- C:\jtnsbxsy\ecyftbm0
- C:\jtnsbxsy\mxyzg8c9kmh7o1v2s5.exe
- C:\jtnsbxsy\nbkuisgx.exe
- C:\jtnsbxsy\epvtmxo.exe
- C:\jtnsbxsy\mxyzg8c9kmh7o1v2s5.exe
- %WINDIR%\jtnsbxsy\ecyftbm0
- DNS ASK gl####istance.net
- DNS ASK an####distance.net
- DNS ASK an####office.net
- DNS ASK an####arrive.net
- DNS ASK gl###office.net
- DNS ASK gl###supply.net
- DNS ASK de####arrive.net
- DNS ASK fo####doffice.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK an####supply.net
- DNS ASK fo####darrive.net
- ClassName: 'Shell_TrayWnd' WindowName: ''