Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\TlntSvrSys] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k netsvcs
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\Com\svchost.exe
- %ALLUSERSPROFILE%\Application Data\Mozilla\UV9FXlFbb1NfWVQPBg.bin
- <SYSTEM32>\Com\svchost.exe
- %ALLUSERSPROFILE%\Application Data\Mozilla\UV9FXlFbb1NfWVQPBg.bin
- 'localhost':80
- '5.#.189.40':443
- http://localhost/MbQTQDmSY-wXu88p/DBXHwkS/VD78IhhZrIXkdybzn9.php?lk##############################################################
- http://localhost/wSGXbvnNwb98RDVTRm3NsoE2QJv8G8dluDQMIoq48exEfysd6SgKTqCFwbeaiHg73.86RkO2uVK/x6yL.sqSYIysZ15vfN-p-qqLMHNPS.php
- http://localhost/BjRUvHpDi-xYwFqvH4xEDH4tUQuSklDNMYSNqVj1USX2nbA3Qd.tEnRPbmhvLC5U.OHlGbVFEUXb2mSrSpKSCn6W8WJamG4D9K6akOK/Mktttddr2v9K24PSv7BXSywWYmvpJPyuvSTpS4bOWujK66g0ilkV95B2sWyUT.Cs5.png
- http://localhost/gzqAbVnz/Bh5bP95Uk/G0Xt/peNVZ2jH3dbwEV6Q6i/3Wfyvrxe2146pcFgC--bGKhs8f1.UGVaDmqTHR-LJqZ.cgi?eI###################################################################################...
- ClassName: 'Shell_TrayWnd' WindowName: ''