Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Visual Application Play' = 'C:\dqqrcipxbslj\dqbrzmvhzea.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Installer Agent Bus Authentication Panel Peer] 'ImagePath' = 'C:\dqqrcipxbslj\dqbrzmvhzea.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Installer Agent Bus Authentication Panel Peer] 'Start' = '00000002'
- 'C:\dqqrcipxbslj\jaeennbcn.exe' "c:\dqqrcipxbslj\dqbrzmvhzea.exe"
- 'C:\dqqrcipxbslj\dqbrzmvhzea.exe'
- 'C:\dqqrcipxbslj\ecsg2cqcduuvj1ymvf.exe'
- C:\dqqrcipxbslj\dqbrzmvhzea.exe
- C:\dqqrcipxbslj\jaeennbcn.exe
- C:\dqqrcipxbslj\a2kbfw
- %WINDIR%\dqqrcipxbslj\yysltoi
- C:\dqqrcipxbslj\yysltoi
- C:\dqqrcipxbslj\ecsg2cqcduuvj1ymvf.exe
- C:\dqqrcipxbslj\jaeennbcn.exe
- C:\dqqrcipxbslj\dqbrzmvhzea.exe
- C:\dqqrcipxbslj\ecsg2cqcduuvj1ymvf.exe
- %WINDIR%\dqqrcipxbslj\yysltoi
- %WINDIR%\dqqrcipxbslj\yysltoi
- '87.##.238.184':44724
- '92.##7.45.207':21921
- '12#.#60.123.173':36805
- '81.##7.50.99':52074
- '21#.#7.168.28':52231
- '5.##.147.158':23144
- '18#.#45.182.189':37331
- '19#.#0.41.168':43832
- ClassName: 'OleMainThreadWndClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''