Техническая информация
- %WINDIR%\explorer.exe
- <SYSTEM32>\rundll32.exe "%TEMP%\9vBnwzcg.dll," CdapiInit QuickAuthenticationNotifier
- <SYSTEM32>\rundll32.exe "%TEMP%\QLX8pfm7.dll,DllUnregisterServer" install
- %TEMP%\BX3zpqrh
- %TEMP%\9vBnwzcg.dll
- %TEMP%\nsb2.tmp\SelfDel.dll
- %TEMP%\QLX8pfm7.dll
- %TEMP%\nsb2.tmp\GetVersion.dll
- %TEMP%\nsb2.tmp\System.dll
- %TEMP%\nsb2.tmp\inetc.dll
- %TEMP%\nsb2.tmp\SelfDel.dll
- %TEMP%\nsb2.tmp\System.dll
- %TEMP%\nsb2.tmp\GetVersion.dll
- %TEMP%\nsb2.tmp\inetc.dll
- 'up######.perlandmon.co.cc':80
- up######.perlandmon.co.cc/t3y9x6Bbm9hfTAo/tmuQb79JfJSbVDGBG60IKWGpKQtEjEIoqqP7WH6h
- up######.perlandmon.co.cc/Rf7cXymZKXlwHKZxrbYGmWgkHkUsmj5qJftLdkv+mETl+zsuh5jNRRBaz9Z7lkLj0lnFepCWI9C66sKkSUy5K3eFnb+CelpjGXwU8OL8lo0=
- up######.perlandmon.co.cc/PtXQMYv2VRmbLr25Cqv1PIeZ/9p1G0Hd57kJnwaDscEzsQewTW1DKoPzYbcRd1dW2hplSotFuOcWI2NK
- DNS ASK up######.perlandmon.co.cc
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''