Техническая информация
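- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'COMIMES' = '%WINDIR%\conime.exe'
  (Примечание: штатный системный файл conime.exe в Windows находится в %WINDIR%\System32; одноимённый файл непосредственно в %WINDIR%, прописанный в ключе Run, — признак маскировки под системный процесс.)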
- %WINDIR%\conime.exe
- %WINDIR%\conime.exe
- %WINDIR%\conime.exe
- 'pp####.jetos.com':443
- 'pp####.lflink.com':80
- 'pp####.lflink.com':443
- '22#.#28.135.20':80
- '22#.#28.135.20':443
- 'pp####.jetos.com':80
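- pp####.lflink.com/wKi+hvQK/index/VVNFUi00QkIwOUE5QzAyLkFkbWluaXN0cmF0b3IAbWEwMDNh.html
- pp####.jetos.com/wKi+hvQK/index/VVNFUi00QkIwOUE5QzAyLkFkbWluaXN0cmF0b3IAbWEwMDNh.html
- 22#.#28.135.20/wKi+hvQK/index/VVNFUi00QkIwOUE5QzAyLkFkbWluaXN0cmF0b3IAbWEwMDNh.html
  (Примечание: сегмент пути после /index/ закодирован в Base64 и декодируется в строку «USER-4BB09A9C02.Administrator», нулевой байт и «ma003a». По-видимому, это имя компьютера и учётной записи среды, в которой запускался образец, поэтому на других машинах значение, вероятно, будет иным. Для обнаружения надёжнее опираться на домены, IP-адрес и общий вид пути, а не на эту строку целиком.)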
- DNS ASK pp####.lflink.com
- DNS ASK pp####.jetos.com
- ClassName: 'Indicator' WindowName: ''