Техническая информация
Записи реестра (автозапуск: параметр в ключе Run и служба со значением Start = 2, то есть с автоматическим запуском при загрузке системы):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Notification File Builder RPC' = 'C:\bogofedot\uucxodbzl.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Card Tunneling List Visual COM+] 'ImagePath' = 'C:\bogofedot\uucxodbzl.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Card Tunneling List Visual COM+] 'Start' = '00000002'
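Командные строки процессов (подзаголовок в исходном тексте не сохранился; судя по формату записи, это запускаемые исполняемые файлы):
- 'C:\bogofedot\krozqrst.exe' "c:\bogofedot\uucxodbzl.exe"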
- 'C:\bogofedot\uucxodbzl.exe'
- 'C:\bogofedot\obhs2vbmcwhrzrhk.exe'
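Пути к файлам (подзаголовки групп в исходном тексте не сохранились; повторяющиеся пути, вероятно, относятся к разным операциям с файлами):
- C:\bogofedot\uucxodbzl.exe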
- C:\bogofedot\krozqrst.exe
- C:\bogofedot\psaxbdommd
- %WINDIR%\bogofedot\qlzjwzggdh
- C:\bogofedot\qlzjwzggdh
- C:\bogofedot\obhs2vbmcwhrzrhk.exe
- C:\bogofedot\krozqrst.exe
- C:\bogofedot\uucxodbzl.exe
- C:\bogofedot\obhs2vbmcwhrzrhk.exe
- %WINDIR%\bogofedot\qlzjwzggdh
- %WINDIR%\bogofedot\qlzjwzggdh
Сетевые адреса в формате IP:порт (символы # заменяют скрытые цифры адреса):
- '41.##8.41.238':29356
- '72.##1.47.203':22399
- '62.##.253.114':51156
- '10#.#25.112.152':47507
- '98.##.239.20':20922
- '93.##7.67.155':25640
- '82.##7.164.91':40801
- '18#.#45.182.189':37331
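Окно, заданное классом и заголовком (Shell_TrayWnd — класс окна панели задач Windows; заголовок пуст):
- ClassName: 'Shell_TrayWnd' WindowName: ''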