Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Control\SecurityProviders] 'SecurityProviders' = 'msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msaoppgw.dll, "%APPDATA%\dfhnydtf.dll"'
- [<HKLM>\SYSTEM\ControlSet001\Control\SecurityProviders] 'SecurityProviders' = 'msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msaoppgw.dll'
- <SYSTEM32>\lsass.exe
- %WINDIR%\Temp\~dbf100000000001cc05.tmp
- %WINDIR%\Temp\~dbf100000000001dfcc.tmp
- <SYSTEM32>\msaoppgw.dll
- %APPDATA%\dfhnydtf.dll
- 'l4.####incheker.name':2202
- 'l3.####incheker.name':2202
- DNS ASK l4.####incheker.name
- DNS ASK l3.####incheker.name