Техническая информация
- %WINDIR%\explorer.exe
- <SYSTEM32>\rundll32.exe %TEMP%\38VzTXxK.dll, CdapiInit QuickAuthenticationNotifier
- <SYSTEM32>\rundll32.exe %TEMP%\C7nBzY9L.dll,DllUnregisterServer install
- %TEMP%\3xQvB4pT
- %TEMP%\38VzTXxK.dll
- %TEMP%\nso2.tmp\SelfDel.dll
- %TEMP%\C7nBzY9L.dll
- %TEMP%\nso2.tmp\GetVersion.dll
- %TEMP%\nso2.tmp\System.dll
- %TEMP%\nso2.tmp\inetc.dll
- %TEMP%\nso2.tmp\SelfDel.dll
- %TEMP%\nso2.tmp\System.dll
- %TEMP%\nso2.tmp\GetVersion.dll
- %TEMP%\nso2.tmp\inetc.dll
- 'sc####.carogany.tk':80
- sc####.carogany.tk/Qnqxhb3PwijDiOhTPgm4BV2OOkETEua0neKbsagFyfqMwLbegBEZdN3n
- sc####.carogany.tk/4QktWRDFeO6Jj0n8R+qTfWD/5OhlcyOpKM1mahtIqYpWPulhc3SyGxR6XIqlHUVu6qcrG13fxjCqD7aO8MBpHX7FAG/kxlCYC3MsKPS2btE=
- sc####.carogany.tk/7THGphX2ZPFcwpJozPNzxxa0FK8frj7pLbF1TCd6AgWOSLOZJszbgSe8tL+/qrr8VCDVPHemxzNDJYQm
- DNS-запрос (DNS ASK): sc####.carogany.tk
- '<IP-адрес в локальной сети>':1034
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''