Техническая информация
- %WINDIR%\explorer.exe
- <SYSTEM32>\rundll32.exe "%TEMP%\xVjrkhNb.dll," CdapiInit QuickAuthenticationNotifier
- <SYSTEM32>\rundll32.exe "%TEMP%\Y9c2Gx4B.dll,DllUnregisterServer" install
- %TEMP%\kMNy8qJj
- %TEMP%\xVjrkhNb.dll
- %TEMP%\nsm2.tmp\SelfDel.dll
- %TEMP%\Y9c2Gx4B.dll
- %TEMP%\nsm2.tmp\GetVersion.dll
- %TEMP%\nsm2.tmp\System.dll
- %TEMP%\nsm2.tmp\inetc.dll
- %TEMP%\nsm2.tmp\SelfDel.dll
- %TEMP%\nsm2.tmp\System.dll
- %TEMP%\nsm2.tmp\GetVersion.dll
- %TEMP%\nsm2.tmp\inetc.dll
- 'sc####.rerscelka.co.cc':80
- sc####.rerscelka.co.cc/xzNn9wvyTqur35aDOPSDhgPk+b8Zo3VQlxiW7edG997SOL7ciOdz3o2O
- sc####.rerscelka.co.cc/WMQryqn48cBVOwbQJZTbv5qlyhKd7adhlnH+V/teD+F8t48h20iFRLFHK3rgb96cg9R61z4WwN/tNpklhimhcxMWMzyEJqtmcxGmXbWRgo4=
- sc####.rerscelka.co.cc/h6MxyFnJjQiClYgEE+nB++miw/sMF0Y0bhkzf8ZOpc/i8C4ffVGVOfr+ORLunWYxo305GQ8BdumhNLAw
- DNS ASK sc####.rerscelka.co.cc
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''