Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\KYDFFYNEhVUP.lnk
- '<SYSTEM32>\wscript.exe'
- '%APPDATA%\eQhG.exe' "%APPDATA%\RbbbF.au3"
- <SYSTEM32>\wscript.exe
- %APPDATA%\RbbbF.au3
- %APPDATA%\eQhG.exe
- %HOMEPATH%\pZTl8IQ06C1aEcx1\RbbbF.au3
- %HOMEPATH%\pZTl8IQ06C1aEcx1\eQhG.exe
- %APPDATA%\eQhG.exe в %HOMEPATH%\pZTl8IQ06C1aEcx1\eQhG.exe
- %APPDATA%\RbbbF.au3 в %HOMEPATH%\pZTl8IQ06C1aEcx1\RbbbF.au3
- 'wi#####7trojan.ddns.net':501
- DNS ASK wi#####7trojan.ddns.net
- ClassName: 'Shell_TrayWnd' WindowName: ''