Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'CNG Player Wired Encryption Peer Link' = '%APPDATA%\Roaming\jumyvmabasue\exgznsotfli.exe'
- '%APPDATA%\Roaming\jumyvmabasue\abxxhgz.exe' "%APPDATA%\Roaming\jumyvmabasue\exgznsotfli.exe"
- '%APPDATA%\Roaming\jumyvmabasue\exgznsotfli.exe'
- %APPDATA%\Roaming\jumyvmabasue\exgznsotfli.reea
- %APPDATA%\Roaming\jumyvmabasue\abxxhgz.exe
- %APPDATA%\Roaming\jumyvmabasue\exgznsotfli.exe
- %APPDATA%\Roaming\jumyvmabasue\exgznsotfli.exe
- DNS ASK ra####device.net
- DNS ASK mo####glanguage.net
- DNS ASK mo####gdevice.net
- DNS ASK mo####gbefore.net
- DNS ASK ra####before.net
- DNS ASK ra####language.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK mi####before.net
- DNS ASK tw####before.net
- DNS ASK mo####gsettle.net
- DNS ASK ra####settle.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''