Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{kstneone-illo-fogd-pfej-vmggrkatiafp}] 'stubpath' = ''
- <SYSTEM32>\incgzwjvl.exe ZhuDongdelC:\server.exe
- C:\inject.exe
- C:\server.exe
- <SYSTEM32>\incgzwjvl.exe_lang.ini
- %TEMP%\155484_res.tmp
- C:\server.exe
- C:\inject.exe
- <SYSTEM32>\incgzwjvl.exe
- C:\server.exe
- '17#.#06.151.149':8080
- ClassName: 'Shell_TrayWnd' WindowName: ''