Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Call Block Provider Networking Connection' = 'C:\eldqbnlae\jkzumzhuwgy.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Support Base Log Endpoint] 'ImagePath' = 'C:\eldqbnlae\jkzumzhuwgy.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Support Base Log Endpoint] 'Start' = '00000002'
- 'C:\eldqbnlae\sgavzeyc.exe' "c:\eldqbnlae\jkzumzhuwgy.exe"
- 'C:\eldqbnlae\jkzumzhuwgy.exe'
- 'C:\eldqbnlae\nqvf2d6uddrqbu67por4.exe'
- C:\eldqbnlae\jkzumzhuwgy.exe
- C:\eldqbnlae\sgavzeyc.exe
- C:\eldqbnlae\jx0bafh
- %WINDIR%\eldqbnlae\kbg6yyqph
- C:\eldqbnlae\kbg6yyqph
- C:\eldqbnlae\nqvf2d6uddrqbu67por4.exe
- C:\eldqbnlae\sgavzeyc.exe
- C:\eldqbnlae\jkzumzhuwgy.exe
- C:\eldqbnlae\nqvf2d6uddrqbu67por4.exe
- %WINDIR%\eldqbnlae\kbg6yyqph
- %WINDIR%\eldqbnlae\kbg6yyqph
- '80.#4.199.6':49579
- '21#.#19.80.21':36542
- '70.##5.4.143':41500
- '37.##2.223.103':22969
- '18#.2.4.92':44843
- '19#.#45.26.50':31421
- '19#.#0.96.220':41884
- '2.##.167.151':22437
- ClassName: 'OleMainThreadWndClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''