Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WxHooKoPeN] 'ImagePath' = '<DRIVERS>\WxHooKoPeN.sys'
- NtWriteVirtualMemory, драйвер-обработчик: WxHooKoPeN.sys
- NtReadVirtualMemory, драйвер-обработчик: WxHooKoPeN.sys
- NtOpenProcess, драйвер-обработчик: WxHooKoPeN.sys
- <Полный путь к вирусу>
- <DRIVERS>\WxHooKoPeN.sys
- <DRIVERS>\WxHooKoPeN.sys
- ClassName: '' WindowName: 'TASLogin.exe'
- ClassName: '' WindowName: 'TP3Helper.exe'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'TenioDL.exe'
- ClassName: '' WindowName: 'TenSafe_1.exe'
- ClassName: '' WindowName: 'tencentdl.exe'
- ClassName: '' WindowName: 'TXPlatform.exe'