Техническая информация
- Autorun (persistence) entry, value launched at user logon: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VFXGNxv++pP' = '<LS_APPDATA>\Microsoft\Windows\rlzeyhs.exe'
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %TEMP%\qucfmfpzg.tmp
- <LS_APPDATA>\Microsoft\Windows\rlzeyhs.exe
- %TEMP%\qucfmfpzg.tmp
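- '19#.#8.100.240':80 (port 80; the '#' characters appear to be digits of the address masked in the report, so the value cannot be used as an exact-match indicator as written)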
- http://19#.#8.100.240/QWRsN2srdjlxUUdDYVp0aTBMUzl2Kyt1RlRxaTE1QVEzS0N2aG1INUU4ZVJ6cW83c1NIaEdwSkttQW00eFRyMnVwVnJjeGdpMnl1cG0yQjBOa0U3UnQ5b2s3RjU2VjhTeCtLd01TbDlncXI3clpHL3lBZmRKSnVYem5Q
- http://19#.#8.100.240/
- ClassName: 'Indicator' WindowName: ''