Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Files Endpoint Link-Layer Computer Themes Counter' = 'C:\jtwawmanivhqhy\ltesqls.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Cryptographic Notification Machine User] 'ImagePath' = 'C:\jtwawmanivhqhy\ltesqls.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Cryptographic Notification Machine User] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- 'C:\jtwawmanivhqhy\wdnfuos.exe' "c:\jtwawmanivhqhy\ltesqls.exe"
- 'C:\jtwawmanivhqhy\ltesqls.exe'
- 'C:\jtwawmanivhqhy\dmek2owahgbvnhdmhrfd.exe'
- C:\jtwawmanivhqhy\ltesqls.exe
- C:\jtwawmanivhqhy\wdnfuos.exe
- C:\jtwawmanivhqhy\bhzoxmtxx
- %WINDIR%\jtwawmanivhqhy\j7xfv4
- C:\jtwawmanivhqhy\j7xfv4
- C:\jtwawmanivhqhy\dmek2owahgbvnhdmhrfd.exe
- C:\jtwawmanivhqhy\wdnfuos.exe
- C:\jtwawmanivhqhy\ltesqls.exe
- C:\jtwawmanivhqhy\dmek2owahgbvnhdmhrfd.exe
- %WINDIR%\jtwawmanivhqhy\j7xfv4
- %WINDIR%\jtwawmanivhqhy\j7xfv4
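- '11#.#6.137.96':49919 (символы «#» здесь и в адресах ниже, по-видимому, заменяют скрытые цифры; в таком виде адреса не годятся для точного сопоставления)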
- '12#.#60.112.138':27440
- '19#.#7.134.20':44965
- '5.##.147.5':26337
- '86.##.69.232':41590
- '77.##7.13.68':30018
- '18#.#42.145.105':26662
- '21#.#65.0.136':35711
- '79.##3.139.198':21201
- '87.##.238.184':44724
- '86.#8.69.58':22437
- ClassName: 'Shell_TrayWnd' WindowName: ''