Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ias] 'Start' = '00000002'
- 'C:\RECYCLER\recyl.exe163828tem.exe'
- 'C:\RECYCLER\recyl.exe' /c regedit /s c:\recycler\recyl.exe168015cyl.txt
- 'C:\RECYCLER\recyl.exe' /cc:\recycler\recyl.exe163828tem.exe
- 'C:\RECYCLER\recyl.exe' /c c:\recycler\162203cnna.exe
- 'C:\RECYCLER\162203cnna.exe'
- '<SYSTEM32>\cmd.exe' /c ""c:\recycler\recylna.bat" "
- '%WINDIR%\regedit.exe' /s c:\recycler\recyl.exe168015cyl.txt
- C:\RECYCLER\recyl.exetem.tem
- C:\RECYCLER\recyl.exe163828tem.exe
- C:\RECYCLER\recyl.exe165453cnna.txt
- <SYSTEM32>\Iasid.dll
- C:\RECYCLER\recyl.exe168015cyl.txt
- C:\RECYCLER\161421cnna.cer
- C:\RECYCLER\recylna.bat
- C:\RECYCLER\162203cnna.exe
- C:\RECYCLER\recyl.exe163828cnna.txt
- C:\RECYCLER\recyl.exe
- C:\RECYCLER\162203cnna.exe
- C:\RECYCLER\recyl.exe165453cnna.txt в <SYSTEM32>\Iasid.dll
- C:\RECYCLER\recyl.exe163828cnna.txt в C:\RECYCLER\recyl.exe163828tem.exe
- 'fh##.3322.org':8888
- DNS ASK fh##.3322.org
- ClassName: 'RegEdit_RegEdit' WindowName: ''