Техническая информация
- %WINDIR%\Fonts\cmmd
- %WINDIR%\Downloaded Program Files\svchost.exe 192.168.193.3 http://b.##d6.com/ww.exe 192.168.193.2 http://b.##d6.com/ww.exe 192.168.193.1 http://b.##d6.com/ww.exe
- <SYSTEM32>\340safe.exe
- %WINDIR%\Fonts\svchost.exe
- <SYSTEM32>\cmd.exe /c c:\DEL.bat
- <SYSTEM32>\svchost.exe
- \Device\LanmanRedirector\192.168.193.1\pipe\browser
- <DRIVERS>\Atieccx.sys
- C:\DEL.bat
- \Device\LanmanRedirector\192.168.193.3\pipe\browser
- \Device\LanmanRedirector\192.168.193.2\pipe\browser
- <SYSTEM32>\340safe.exe
- <SYSTEM32>\dibyjjsjdua.dll
- %WINDIR%\Fonts\svchost.exe
- %WINDIR%\Fonts\cmmd
- %WINDIR%\Downloaded Program Files\svchost.exe
- %WINDIR%\Fonts\cmmd
- '<IP-адрес в локальной сети>':139
- '<IP-адрес в локальной сети>':445