Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Winhost' = '%APPDATA%\32323323.exe'
- %APPDATA%\Winup.exe
- %APPDATA%\88E6680F\ak.tmp
- %TEMP%\%USERNAME%7
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%2.txt
- %APPDATA%\32323323.exe
- %APPDATA%\Winup.exe
- <SYSTEM32>\AppData\Winhost.exe
- %TEMP%\%USERNAME%8
- %TEMP%\%USERNAME%7
- %TEMP%\%USERNAME%2.txt
- 'vi####.no-ip.org':1799
- 'vi####.no-ip.org':1458
- 'vi####.no-ip.org':6464
- 'vi####.no-ip.org':6153
- 'vi####.no-ip.org':6156
- 'vi####.no-ip.org':6155
- 'vi####.no-ip.org':6154
- 'vi####.no-ip.org':999
- 'vi####.no-ip.org':83
- 'vi####.no-ip.org':82
- 'vi####.no-ip.org':1321
- 'vi####.no-ip.org':3564
- 'vi####.no-ip.org':1982
- 'vi####.no-ip.org':1729
- DNS ASK vi####.no-ip.org
- ClassName: 'Indicator' WindowName: ''