Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Resource Secondary Gateway' = 'C:\tgnmdmuvqbukmpw\bbuhmlndgm.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Debugger Certificate File] 'ImagePath' = 'C:\tgnmdmuvqbukmpw\bbuhmlndgm.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Debugger Certificate File] 'Start' = '00000002'
- 'C:\tgnmdmuvqbukmpw\mbxvnjwhu.exe' "c:\tgnmdmuvqbukmpw\bbuhmlndgm.exe"
- 'C:\tgnmdmuvqbukmpw\bbuhmlndgm.exe'
- 'C:\tgnmdmuvqbukmpw\sxwo2w8lvecbr3p8h.exe'
- C:\tgnmdmuvqbukmpw\bbuhmlndgm.exe
- C:\tgnmdmuvqbukmpw\mbxvnjwhu.exe
- C:\tgnmdmuvqbukmpw\cnvrhqpijtjd
- %WINDIR%\tgnmdmuvqbukmpw\zukncp7he2
- C:\tgnmdmuvqbukmpw\zukncp7he2
- C:\tgnmdmuvqbukmpw\sxwo2w8lvecbr3p8h.exe
- C:\tgnmdmuvqbukmpw\mbxvnjwhu.exe
- C:\tgnmdmuvqbukmpw\bbuhmlndgm.exe
- C:\tgnmdmuvqbukmpw\sxwo2w8lvecbr3p8h.exe
- %WINDIR%\tgnmdmuvqbukmpw\zukncp7he2
- %WINDIR%\tgnmdmuvqbukmpw\zukncp7he2
- '18#.#39.143.239':37599
- '21#.#07.110.82':26314
- '79.##3.139.198':21201
- '71.##6.195.178':41500
- '41.#42.27.1':45860
- '12#.#60.112.138':27440
- '87.##.238.184':44724
- '17#.37.2.43':44303
- ClassName: 'Shell_TrayWnd' WindowName: ''