Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'qkKbgTl2' = '%APPDATA%\63Ox1RzD\ozKnwI81.exe'
- '<SYSTEM32>\wscript.exe' "%TEMP%\QcwDdW.vbs"
- '%APPDATA%\63Ox1RzD\ozKnwI81.exe'
- %TEMP%\uCSD.vbs
- %TEMP%\oAcdCS.vbs
- %TEMP%\rIwdF.vbs
- %TEMP%\ddVFA.vbs
- %TEMP%\dit.vbs
- %TEMP%\EDXszCf.vbs
- %TEMP%\dsC.vbs
- %TEMP%\tAfs.vbs
- %TEMP%\IFKdD.vbs
- %TEMP%\qhdnsCAa.vbs
- %TEMP%\dFjWf.vbs
- %TEMP%\dacEIdWc.vbs
- %TEMP%\Xiorf.vbs
- %TEMP%\eaEFc.vbs
- %TEMP%\Fow.vbs
- %APPDATA%\63Ox1RzD\ozKnwI81.exe
- %TEMP%\QcwDdW.vbs
- %TEMP%\jsnsFSa.vbs
- %TEMP%\vdcsss.vbs
- %TEMP%\eRr.vbs
- %TEMP%\Feda.vbs
- %TEMP%\ErsnDs.vbs
- %TEMP%\cEBsVD.vbs
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''