Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Logs Identity Human Policy' = 'C:\cunemwu\omhcqch.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Scheduler Authentication Search PnP-X] 'ImagePath' = 'C:\cunemwu\omhcqch.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Scheduler Authentication Search PnP-X] 'Start' = '00000002'
- 'C:\cunemwu\xlyelxiphik.exe' "c:\cunemwu\omhcqch.exe"
- 'C:\cunemwu\omhcqch.exe'
- 'C:\cunemwu\dknt2w60sgvdfwq9o.exe'
- C:\cunemwu\omhcqch.exe
- C:\cunemwu\xlyelxiphik.exe
- C:\cunemwu\udfehszkz
- %WINDIR%\cunemwu\olnzb5oqfe
- C:\cunemwu\olnzb5oqfe
- C:\cunemwu\dknt2w60sgvdfwq9o.exe
- C:\cunemwu\xlyelxiphik.exe
- C:\cunemwu\omhcqch.exe
- C:\cunemwu\dknt2w60sgvdfwq9o.exe
- %WINDIR%\cunemwu\olnzb5oqfe
- %WINDIR%\cunemwu\olnzb5oqfe
- '92.##7.45.207':21921
- '80.##1.86.158':33631
- '18#.#72.215.47':51612
- '81.##7.50.99':52074
- '18#.#45.182.189':37331
- '79.##.202.44':23699
- '21#.#19.80.21':36542
- '10#.#2.195.20':39160
- ClassName: 'Shell_TrayWnd' WindowName: ''