Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\HidServSys] 'Start' = '00000002' (значение 2 задаёт автоматический тип запуска: служба стартует при загрузке системы)
- '<SYSTEM32>\svchost.exe' -k netsvcs
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\Com\svchost.exe (нестандартное расположение: штатный svchost.exe находится непосредственно в <SYSTEM32>)
- %ALLUSERSPROFILE%\Application Data\Mozilla\UV9FXlFbb1NfWVQPBg.bin
- <SYSTEM32>\Com\svchost.exe
- %ALLUSERSPROFILE%\Application Data\Mozilla\UV9FXlFbb1NfWVQPBg.bin
- 'localhost':80
- '5.#.189.40':443
- http://localhost/ITHJhnDg7YP64Pqml/CiXiPM.FhBgXZRMmjeBnZBcD7PCG7F9/EJp6WLzmcf8K9FLAPXappO5L.0.cgi?HK#############################################################
- http://localhost/XuhwkiFvdKZGpqfcLhMtKD3OQbAfDGglkOKLZiGK-Xw48jzfMFIsmrwjvgGqXjRzcZcK0MifX4ZXNHAkh1LJ79ddTdH91/S0vQE.VVTlfE2HxV-14tr0cCDu6AqaNzouCCdfP7U4De1RkpqsfshFQs2XmidTi-GKrAE7PFh4S.jpg
- http://localhost/VCseNvR/oHnOGOmUMk/j1xEsW/e-wAZ8Ognhzfa6rHJOK-OmRL-c9cR-OMmEBX0gQtnnudpo-od6.cgi?p&#############################################################################################...
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)