Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Locator VC Interactive' = '%APPDATA%\Roaming\jntjjbnmmvtpuu\jjjqvah.exe'
- '%APPDATA%\Roaming\jntjjbnmmvtpuu\wxzwijus.exe' "%APPDATA%\Roaming\jntjjbnmmvtpuu\jjjqvah.exe"
- '%APPDATA%\Roaming\jntjjbnmmvtpuu\jjjqvah.exe'
- %APPDATA%\Roaming\jntjjbnmmvtpuu\jjjqvah.f7
- %APPDATA%\Roaming\jntjjbnmmvtpuu\wxzwijus.exe
- %APPDATA%\Roaming\jntjjbnmmvtpuu\jjjqvah.exe
- %APPDATA%\Roaming\jntjjbnmmvtpuu\jjjqvah.exe
- DNS ASK mo####corner.net
- DNS ASK si####corner.net
- DNS ASK mo####inflower.net
- DNS ASK mo####inminute.net
- DNS ASK po####leflower.net
- DNS ASK mo####special.net
- DNS ASK si####minute.net
- DNS ASK mo####flower.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK si####special.net
- DNS ASK mo####minute.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''