Техническая информация
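- Запись автозапуска в реестре: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'KB3737~1.EXE' = '%APPDATA%\KB3737~1.EXE' (по-видимому, KB3737~1.EXE — короткое имя формата 8.3 файла KB3737679.exe, указанного ниже)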
- '%APPDATA%\KB3737679.exe'
- <SYSTEM32>\dwwin.exe
- %TEMP%\253A4.dmp
- %APPDATA%\5567821.bat
- %APPDATA%\KB3737679.exe
Сетевые адреса (порт 8080; часть цифр в адресах скрыта символом '#'):
- '62.##.240.193':8080
- '17#.63.77.7':8080
- '85.##.150.63':8080
- '93.##9.168.31':8080
- '13#.#04.149.154':8080
- '14#.#1.142.43':8080
- '88.##8.226.185':8080
- '94.##9.144.116':8080
- '81.##9.137.192':8080
- '20#.#01.195.109':8080
- '76.##.195.100':8080
- '21#.#15.130.61':8080
- '13#.#85.156.52':8080
- '17#.#7.100.189':8080
- '16#.#7.132.25':8080
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'