Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Browser Authentication UserMode Ordering IKE' = 'C:\mkaiehzhm\odndppg.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\List Firewall Time Authentication PnP-X] 'ImagePath' = 'C:\mkaiehzhm\odndppg.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\List Firewall Time Authentication PnP-X] 'Start' = '00000002'
- 'C:\mkaiehzhm\erayroyatl.exe' "c:\mkaiehzhm\odndppg.exe"
- 'C:\mkaiehzhm\odndppg.exe'
- 'C:\mkaiehzhm\n9t4piffprjwx5m.exe'
- C:\mkaiehzhm\odndppg.exe
- C:\mkaiehzhm\erayroyatl.exe
- C:\mkaiehzhm\qmvzokq
- %WINDIR%\mkaiehzhm\tmaqboq
- C:\mkaiehzhm\tmaqboq
- C:\mkaiehzhm\n9t4piffprjwx5m.exe
- C:\mkaiehzhm\erayroyatl.exe
- C:\mkaiehzhm\odndppg.exe
- C:\mkaiehzhm\n9t4piffprjwx5m.exe
- %WINDIR%\mkaiehzhm\tmaqboq
- %WINDIR%\mkaiehzhm\tmaqboq
- '20#.#36.131.186':52293
- '88.##.203.114':40413
- '19#.#62.66.148':52345
- '18#.#39.124.68':37599
- '95.##7.243.188':49038
- '20#.#93.204.80':37195
- '84.##8.130.85':27132
- ClassName: 'Shell_TrayWnd' WindowName: ''