Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'AutoConfig Server Thread Wired' = 'C:\tndkpzcltkxg\wmubjeua.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Card Locator Mapper Secure List] 'ImagePath' = 'C:\tndkpzcltkxg\wmubjeua.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Card Locator Mapper Secure List] 'Start' = '00000002'
- 'C:\tndkpzcltkxg\holxbnhzax.exe' "c:\tndkpzcltkxg\wmubjeua.exe"
- 'C:\tndkpzcltkxg\wmubjeua.exe'
- 'C:\tndkpzcltkxg\h1rr3g4bzrzdadbhxo.exe'
- C:\tndkpzcltkxg\wmubjeua.exe
- C:\tndkpzcltkxg\holxbnhzax.exe
- C:\tndkpzcltkxg\calupelmbhhx
- %WINDIR%\tndkpzcltkxg\u5d7ypk
- C:\tndkpzcltkxg\u5d7ypk
- C:\tndkpzcltkxg\h1rr3g4bzrzdadbhxo.exe
- C:\tndkpzcltkxg\holxbnhzax.exe
- C:\tndkpzcltkxg\wmubjeua.exe
- C:\tndkpzcltkxg\h1rr3g4bzrzdadbhxo.exe
- %WINDIR%\tndkpzcltkxg\u5d7ypk
- %WINDIR%\tndkpzcltkxg\u5d7ypk
- '19#.#0.41.168':43832
- '37.##2.223.103':22969
- '83.##0.248.151':23268
- '79.##5.10.236':21201
- '15#.#82.245.137':33982
- '20#.#70.207.211':37727
- '10#.#2.195.20':39160
- '19#.#0.96.220':41884
- ClassName: 'Shell_TrayWnd' WindowName: ''