Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Control\SecurityProviders] 'SecurityProviders' = 'msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, AyyomhucCuml.dll'
- '<Текущая директория>\12345.exe'
- '<SYSTEM32>\rundll32.exe' "<SYSTEM32>\AyyomhucCuml.dll",EntryPoint
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\AyyomhucCuml.dll
- <Текущая директория>\12345.exe
- 'ma##.gmail.com':25
- '85.##.149.87':1001
- '67.##5.160.76':25
- 'ma##.#otmail.com':25
- DNS ASK GM##l.cOM
- DNS ASK HO##aIl.cOM
- DNS ASK YA##O.Com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'