Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'love_world' = '%APPDATA%\System_Libya.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- '%APPDATA%\System_Libya.exe'
- '<SYSTEM32>\netsh.exe' firewall set opmode enable
- %APPDATA%\System_Libya.exe
- 'fd#c.ly':80
- 'wp#d':80
- '20#.#3.168.32':3306
- http://fd#c.ly/time.php
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK fd#c.ly
- DNS ASK wp#d