Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Information Endpoint Transaction' = 'C:\wfeiuroeszgekby\prduesci.exe' (раздел Run: указанный файл запускается при каждом входе пользователя в систему)
- [<HKLM>\SYSTEM\ControlSet001\Services\Connect Awareness Player Name] 'ImagePath' = 'C:\wfeiuroeszgekby\prduesci.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Connect Awareness Player Name] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- 'C:\wfeiuroeszgekby\jwhvsio.exe' "c:\wfeiuroeszgekby\prduesci.exe"
- 'C:\wfeiuroeszgekby\prduesci.exe'
- 'C:\wfeiuroeszgekby\wz2y93cmzcwlofv5u2.exe'
- C:\wfeiuroeszgekby\prduesci.exe
- C:\wfeiuroeszgekby\jwhvsio.exe
- C:\wfeiuroeszgekby\rwk6lcx
- %WINDIR%\wfeiuroeszgekby\urgpgass5a9
- C:\wfeiuroeszgekby\urgpgass5a9
- C:\wfeiuroeszgekby\wz2y93cmzcwlofv5u2.exe
- C:\wfeiuroeszgekby\jwhvsio.exe
- C:\wfeiuroeszgekby\prduesci.exe
- C:\wfeiuroeszgekby\wz2y93cmzcwlofv5u2.exe
- %WINDIR%\wfeiuroeszgekby\urgpgass5a9
- %WINDIR%\wfeiuroeszgekby\urgpgass5a9
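- '87.##.38.225':33631 (в этой и следующих записях «IP-адрес:порт» часть цифр адреса скрыта символами «#», поэтому для точного сопоставления они непригодны)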
- '10#.#02.79.27':36272
- '86.#8.69.58':22437
- '41.##.10.183':48405
- '19#.#7.134.20':44965
- '12#.#60.123.173':36805
- '88.#48.36.4':25752
- '95.##8.241.220':49038
- '78.#7.87.58':21017
- '70.##2.38.96':41500
- '20#.#95.172.22':41884
- '82.##7.164.91':40801
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)