Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Interactive Initiator Collector' = 'C:\qyriqsx\kibmkydsoy.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Name Trap Tracking Transaction Defender] 'ImagePath' = 'C:\qyriqsx\kibmkydsoy.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Name Trap Tracking Transaction Defender] 'Start' = '00000002'
- 'C:\qyriqsx\torpddqp.exe' "c:\qyriqsx\kibmkydsoy.exe"
- 'C:\qyriqsx\kibmkydsoy.exe'
- 'C:\qyriqsx\s4f307ufnzik1dzjlu.exe'
- C:\qyriqsx\kibmkydsoy.exe
- C:\qyriqsx\torpddqp.exe
- C:\qyriqsx\mstynl
- %WINDIR%\qyriqsx\x7iemarqd
- C:\qyriqsx\x7iemarqd
- C:\qyriqsx\s4f307ufnzik1dzjlu.exe
- C:\qyriqsx\torpddqp.exe
- C:\qyriqsx\kibmkydsoy.exe
- C:\qyriqsx\s4f307ufnzik1dzjlu.exe
- %WINDIR%\qyriqsx\x7iemarqd
- %WINDIR%\qyriqsx\x7iemarqd
- '61.##6.2.217':25840
- '77.##8.205.139':22969
- '18#.#22.43.28':46084
- '86.##5.10.227':45279
- '95.##.58.101':23245
- '62.##.253.114':51156
- '94.##1.114.138':44254
- '21#.#7.168.28':52231
- '21#.#65.0.136':35711
- '72.##1.207.62':22399
- '10#.#46.77.146':33927
- '78.#7.87.58':21017
- ClassName: 'Shell_TrayWnd' WindowName: ''