Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Wjfwxn Tbendcnd Hll] 'Start' = '00000002'
- %PROGRAM_FILES%\Oxqvxj.exe
- %WINDIR%\Temp\Oath.exe
- <SYSTEM32>\ping.exe www.google.com
- <SYSTEM32>\svchost.exe -k imgsvc
- <SYSTEM32>\cmd.exe /c "%PROGRAM_FILES%\del.bat"
- <SYSTEM32>\svchost.exe -k netsvcs
- C:\NT_Path.jpg
- C:\Net-Temp.ini
- %PROGRAM_FILES%\Rfbp\Fdeekkbhm.pic
- C:\2694800.dll
- %WINDIR%\Temp\Oath.exe
- %PROGRAM_FILES%\Oxqvxj.exe
- %PROGRAM_FILES%\del.bat
- %PROGRAM_FILES%\Oxqvxj.exe
- C:\2694800.dll
- C:\NT_Path.jpg
- C:\Net-Temp.ini
- %WINDIR%\Temp\Oath.exe
- 'oh####dcjo.gicp.net':8887
- DNS ASK oh####dcjo.gicp.net
- DNS ASK www.google.com
- '<IP-адрес в локальной сети>':1035