Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Shell Infrastructure Host' = '"%TEMP%\331751A7-7449-4EBD-AE44-11948BE42AF3/sihost.exe"'
- '%TEMP%\3313D167-7469-4EKA-B131-11248BE42AF4\lsаss.exe' 05E2C37E99004AEAF2473C21431A159DK311Y<(]@!@)]>2892
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\keckl1fe.bat" "
- '%TEMP%\331751A7-7449-4EBD-AE44-11948BE42AF3\sihost.exe'
- %TEMP%\3313D167-7469-4EKA-B131-11248BE42AF4\lsаss.exe
- %TEMP%\keckl1fe.bat
- %TEMP%\331751A7-7449-4EBD-AE44-11948BE42AF3\sihost.exe