Техническая информация
Закрепление в системе — один и тот же файл прописан и в автозапуск (ключ Run), и как служба Windows:
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Controls Keying Credential Media' = 'C:\zyslquun\widustez.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Profile Redirector Encrypting Locator] 'ImagePath' = 'C:\zyslquun\widustez.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Profile Redirector Encrypting Locator] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
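Запуск процессов (судя по форме записи: путь к исполняемому файлу и, в первой строке, аргумент командной строки):
- 'C:\zyslquun\rqzbegtlgxqx.exe' "c:\zyslquun\widustez.exe"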
- 'C:\zyslquun\widustez.exe'
- 'C:\zyslquun\tjml2thnkyjm6a7z.exe'
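Файловые операции (заголовки подразделов в этой копии утрачены; повторяющиеся пути ниже, вероятно, относятся к разным операциям, но к каким именно — из записи не видно):
- C:\zyslquun\widustez.exe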
- C:\zyslquun\rqzbegtlgxqx.exe
- C:\zyslquun\yhhunx2
- %WINDIR%\zyslquun\rnupeg
- C:\zyslquun\rnupeg
- C:\zyslquun\tjml2thnkyjm6a7z.exe
- C:\zyslquun\rqzbegtlgxqx.exe
- C:\zyslquun\widustez.exe
- C:\zyslquun\tjml2thnkyjm6a7z.exe
- %WINDIR%\zyslquun\rnupeg
- %WINDIR%\zyslquun\rnupeg
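Сетевые адреса и порты. Символы '#' в адресах — по-видимому, маскировка части цифр в источнике, поэтому для точного сопоставления (например, в блок-листах) эти записи непригодны; для поиска в журналах остаются известные октеты и номера портов:
- '20#.#71.22.221':32994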
- '18#.#55.161.27':20052
- '19#.#0.41.168':43832
- '86.##.69.232':41590
- '79.##.202.44':23699
- '20#.#93.204.80':37195
- '10#.#46.77.146':33927
- '10#.#28.239.221':49777
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows; цель обращения к окну в записи не указана)