Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Theme] 'Start' = '00000002'
- Заменяет файл <SYSTEM32>\iphlpapi.dll файлом <SYSTEM32>\iphlpapi.dll
- %TEMP%\c999.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1047.bat" "
- <SYSTEM32>\ping.exe 1.0.0.1 -n
- <SYSTEM32>\taskkill.exe /im dnf.exe /f
- <SYSTEM32>\rundll32.exe "<SYSTEM32>\termgr.dll",RundllInstall Theme
- <SYSTEM32>\net1.exe start Theme
- <SYSTEM32>\svchost.exe -k netsvc
- %WINDIR%\Explorer.EXE
- dnf.exe
- <SYSTEM32>\lua31.dll
- <SYSTEM32>\termgr.dll
- %TEMP%\1047.bat
- %TEMP%\c999.exe
- <SYSTEM32>\userinfo.ini
- <SYSTEM32>\common32.dll
- Файл <SYSTEM32>\iphlpapi.dll сохраняется в <SYSTEM32>\iphlpapi.dll_bak
- 'xg##.#otsstos.com':12503
- 'ch##.#otsstos.com':12429
- DNS ASK xg##.#otsstos.com
- DNS ASK ch##.#otsstos.com
- ClassName: '' WindowName: ''