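Техническая информация
Примечание: заголовки разделов в этом фрагменте не сохранились; ниже подряд перечислены процессы и командные строки, файлы в %TEMP%, сетевые обращения и имена классов окон. Повторяющиеся пути к файлам, вероятно, относятся к разным разделам исходного отчёта (например, к созданным и удалённым файлам) — это нужно сверить с оригиналом. Символы ##### в имени хоста, по-видимому, являются маской, а не частью домена.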
- %WINDIR%\explorer.exe
- <SYSTEM32>\rundll32.exe "%TEMP%\X7B6VFhY.dll," CdapiInit QuickAuthenticationNotifier
- <SYSTEM32>\rundll32.exe "%TEMP%\GNb8h6md.dll,DllUnregisterServer" install
- %TEMP%\Y48c9XfK
- %TEMP%\X7B6VFhY.dll
- %TEMP%\nsm2.tmp\SelfDel.dll
- %TEMP%\GNb8h6md.dll
- %TEMP%\nsm2.tmp\GetVersion.dll
- %TEMP%\nsm2.tmp\System.dll
- %TEMP%\nsm2.tmp\inetc.dll
- %TEMP%\nsm2.tmp\SelfDel.dll
- %TEMP%\nsm2.tmp\System.dll
- %TEMP%\nsm2.tmp\GetVersion.dll
- %TEMP%\nsm2.tmp\inetc.dll
- 'up#####.occonkey.co.cc':80
- up#####.occonkey.co.cc/nchKYCgP8cwKQbTW9gGkeylwtDh/0o8G6eeCcwykvJNOtdk4nkLxTrgR
- up#####.occonkey.co.cc/wWdv8JQVNRQlzTkNfwm+Cieaw4FLtSHWKCCK8wn8ITaZgh7fflvrAHigjcLFxNT1ji+GyAjIXAoqBE34CkmKd0hnAR9iupyU9S5VBL4SIr4=
- up#####.occonkey.co.cc/KhdyXfDMWwq1FxLs4Z+Pu3Z6n20Y0JwbyT5aVHupFGqSwmzwOzxBRWPLli/fnX48dHiTfYDd/tDcmBNM
- DNS-запрос (DNS ASK): up#####.occonkey.co.cc
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''