Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ojsya' = '"%ALLUSERSPROFILE%\application data\microsoft\gpieu\gpieu.exe"'
- %ALLUSERSPROFILE%\Application Data\Microsoft\gpieu\gpieu.exe
- %WINDIR%\Explorer.EXE
- %ALLUSERSPROFILE%\Application Data\Microsoft\gpieu\gpie.dll
- %ALLUSERSPROFILE%\Application Data\Microsoft\gpieu\gpieu.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\gpieu\gpieu.dll
- 'nt#0.in':80
- nt#0.in/5
- DNS ASK nt#0.in
- '<IP-адрес в локальной сети>':1036
- ClassName: 'gpieu%USERNAME%2436' WindowName: 'gpieu%USERNAME%2436'
- ClassName: 'gpieu%USERNAME%2332' WindowName: 'gpieu%USERNAME%2332'
- ClassName: 'gpieu%USERNAME%2996' WindowName: 'gpieu%USERNAME%2996'
- ClassName: 'gpieu%USERNAME%2940' WindowName: 'gpieu%USERNAME%2940'
- ClassName: 'gpieu%USERNAME%2284' WindowName: 'gpieu%USERNAME%2284'
- ClassName: 'gpieu%USERNAME%2040' WindowName: 'gpieu%USERNAME%2040'
- ClassName: 'gpieu%USERNAME%1768' WindowName: 'gpieu%USERNAME%1768'
- ClassName: 'gpieu%USERNAME%2244' WindowName: 'gpieu%USERNAME%2244'
- ClassName: 'gpieu%USERNAME%2148' WindowName: 'gpieu%USERNAME%2148'