Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Copy Connectivity DNS Distributed' = 'C:\pvxouamrojyhnys\huuaqmid.exe'
- 'C:\pvxouamrojyhnys\dvoxdoqtbt.exe' "c:\pvxouamrojyhnys\huuaqmid.exe"
- 'C:\pvxouamrojyhnys\huuaqmid.exe'
- 'C:\pvxouamrojyhnys\v954mpdv7yh9ote8w.exe'
- C:\pvxouamrojyhnys\huuaqmid.exe
- C:\pvxouamrojyhnys\dvoxdoqtbt.exe
- C:\pvxouamrojyhnys\v954mpdv7yh9ote8w.exe
- %WINDIR%\pvxouamrojyhnys\jsnlcrit
- C:\pvxouamrojyhnys\jsnlcrit
- C:\pvxouamrojyhnys\dvoxdoqtbt.exe
- C:\pvxouamrojyhnys\huuaqmid.exe
- C:\pvxouamrojyhnys\v954mpdv7yh9ote8w.exe
- %WINDIR%\pvxouamrojyhnys\jsnlcrit
- %WINDIR%\pvxouamrojyhnys\jsnlcrit
- 'fi###eshake.net':80
- 'fi###eshare.net':80
- 'th####happen.net':80
- 'th###hshake.net':80
- http://fi###eshake.net/index.php
- http://fi###eshare.net/index.php
- http://th####happen.net/index.php
- http://th###hshake.net/index.php
- DNS ASK fi###eshare.net
- DNS ASK th###hshare.net
- DNS ASK th###hshake.net
- DNS ASK th####happen.net
- DNS ASK fi###eshake.net
- ClassName: 'Shell_TrayWnd' WindowName: ''