Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'User-mode Encrypting Client Foundation' = 'C:\blldbottucqj\tmjgehb.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Fax Enumerator Upgrade Distributed Storage] 'ImagePath' = 'C:\blldbottucqj\tmjgehb.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Fax Enumerator Upgrade Distributed Storage] 'Start' = '00000002' (тип запуска 2 — служба запускается автоматически при старте системы)
- 'C:\blldbottucqj\amensotrfsg.exe' "c:\blldbottucqj\tmjgehb.exe"
- 'C:\blldbottucqj\tmjgehb.exe'
- 'C:\blldbottucqj\aihdu2ibqk7qtdthosze.exe'
- C:\blldbottucqj\tmjgehb.exe
- C:\blldbottucqj\amensotrfsg.exe
- C:\blldbottucqj\zo6xu9
- %WINDIR%\blldbottucqj\qloughldw2ux
- C:\blldbottucqj\qloughldw2ux
- C:\blldbottucqj\aihdu2ibqk7qtdthosze.exe
- C:\blldbottucqj\amensotrfsg.exe
- C:\blldbottucqj\tmjgehb.exe
- C:\blldbottucqj\aihdu2ibqk7qtdthosze.exe
- %WINDIR%\blldbottucqj\qloughldw2ux
- %WINDIR%\blldbottucqj\qloughldw2ux
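Сетевые адреса в формате IP:порт (символы «#» стоят на месте цифр, скрытых в отчёте, поэтому записи ниже не являются полными адресами):
- '62.##.253.114':51156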
- '62.##1.108.194':20068
- '24.##9.216.168':33794
- '18#.#49.88.79':32097
- '5.#.166.192':41199
- '71.##2.212.226':26466
- '37.##2.223.103':22969
- '77.##.186.45':43519
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)