Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\jbo8zb3.lnk
- '<SYSTEM32>\rundll32.exe' %TEMP%\3bz8obj.dss,XL204
- '<SYSTEM32>\rundll32.exe' %ALLUSERSPROFILE%\Application Data\3bz8obj.dss,XL200
- %ALLUSERSPROFILE%\Application Data\jbo8zb3.bxx
- %TEMP%\3bz8obj.dss
- %ALLUSERSPROFILE%\Application Data\3bz8obj.dss
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- '46.##5.220.180':443
- '19#.#15.114.209':443