Trojan.Starman.5250

Техническая информация

Для обеспечения автозапуска и распространения:

Создает или изменяет следующие файлы:

%WINDIR%\Tasks\SA.DAT

Вредоносные функции:

Запускает на исполнение:

'<SYSTEM32>\svchost.exe' -k netsvcs

Изменения в файловой системе:

Создает следующие файлы:

%CommonProgramFiles%\Microsoft Shared\Stationery\brvrjrke.exe
%CommonProgramFiles%\System\ado\tsektjkj.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\ehbebsrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\nsqjttkv.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\njbsvtll.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\sjwzlskk.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\res\lhbtcvlt.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\hltjtlne.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\jjjthqtn.exe
%PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\cpow\ketssrzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bcwvzwbh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\czjevcet.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\xrljqjzn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\vkjljzrn.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bhrhnkht.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\tlcwjrwt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bnbtzwxt.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\bzqlkhrh.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\qjllsjhl.exe
%CommonProgramFiles%\Microsoft Shared\Stationery\elwtjnbj.exe

Сетевая активность:

Подключается к:

'62.##.116.192':139
'62.##.240.124':139
'62.##.16.209':139
'62.#9.81.95':139
'62.##.186.130':139
'62.#9.46.45':139
'62.##.215.52':139
'62.##.209.125':139
'62.#9.24.62':139
'62.##.87.140':139
'62.##.220.153':139
'62.##.88.173':445
'62.##.175.21':445
'62.##.173.46':445
'62.##.104.128':445
'62.#9.46.55':445
'62.##.145.105':139
'62.##.20.218':139
'62.##.130.177':139
'62.##.111.107':445
'62.##.198.110':139
'62.#9.24.62':445
'62.##.87.140':445
'62.##.240.124':445
'62.##.16.209':445
'62.##.116.192':445
'62.#9.7.201':445
'62.#9.72.82':445
'62.##.215.52':445
'62.##.209.125':445
'62.#9.46.45':445
'62.##.186.130':445
'62.##.83.190':139
'62.##.198.110':445
'62.##.189.72':139
'62.#9.7.201':139
'62.#9.72.82':139
'62.##.220.153':445
'62.#9.81.95':445
'62.##.20.218':445
'62.##.130.177':445
'62.##.145.105':445
'62.##.175.21':139
'62.##.111.107':139
'62.##.88.173':139
'62.#9.46.55':139
'62.##.173.46':139
'62.#9.74.73':445
'62.#9.79.32':445
'62.##.152.20':445
'62.#9.22.82':445
'62.##.230.183':445
'62.##.104.128':139
'62.##.99.228':139
'62.#9.47.99':139
'62.##.11.121':139
'62.##.237.170':139
'62.##.121.237':139
'62.##.41.111':139
'62.##.196.19':139
'62.##.66.159':139
'62.##.160.47':139
'62.##.228.81':139
'62.##.99.228':445
'62.#9.47.99':445
'62.##.11.121':445
'62.##.237.170':445
'62.##.121.237':445
'62.##.41.111':445
'62.##.196.19':445
'62.##.66.159':445
'62.##.160.47':445
'62.##.228.81':445
'62.#9.2.107':445
'62.##.120.228':445
'62.##.247.13':445
'62.#9.76.42':445
'62.#9.80.79':445
'62.#9.42.80':445
'62.#9.108.2':445
'62.##.193.23':445
'62.#9.24.6':445
'62.##.141.160':445
'62.##.31.158':445
'62.##.189.72':445
'62.#9.81.28':445
'62.##.243.200':445
'62.##.28.172':445
'62.##.231.145':445
'62.#9.141.5':445
'62.##.39.170':445
'62.##.127.143':445
'62.#9.37.98':445
'62.#9.16.78':445
'62.##.109.108':445
'62.##.191.36':445
'62.##.206.55':445
'62.##.44.197':445
'62.##.16.109':445
'62.#9.170.7':445
'62.##.96.241':445
'62.##.11.133':445
'62.##.20.242':445
'62.#9.52.80':445
'62.#9.70.5':445
'62.##.25.160':445
'62.##.216.158':139
'62.##.203.226':139
'62.##.179.85':139
'62.##.180.12':139
'62.##.144.65':139
'62.#9.17.40':139
'62.#9.24.95':139
'62.##.144.167':139
'62.##.241.225':139
'62.#9.199.4':139
'62.##.178.60':139
'62.##.69.223':139
'62.#9.69.12':139
'62.#9.67.5':139
'62.##.75.110':445
'62.##.123.219':445
'62.##.103.77':139
'62.##.213.155':139
'62.##.155.228':139
'62.##.109.24':139
'62.#9.0.244':139
'62.##.44.197':139
'62.#9.70.5':139
'62.##.206.55':139
'62.##.96.241':139
'62.##.16.109':139
'62.##.20.242':139
'62.##.191.36':139
'62.##.11.133':139
'62.##.25.160':139
'62.#9.52.80':139
'62.#9.170.7':139
'62.##.191.160':139
'62.#9.25.52':139
'62.#9.66.42':139
'62.##.83.190':445
'62.##.172.83':139
'62.##.187.71':139
'62.#9.9.156':139
'62.##.225.250':139
'62.##.103.247':139
'62.##.164.103':139
'62.##.191.160':445
'62.#9.25.52':445
'62.#9.66.42':445
'62.##.123.219':139
'62.##.172.83':445
'62.##.187.71':445
'62.#9.9.156':445
'62.##.225.250':445
'62.##.103.247':445
'62.##.164.103':445
'62.##.75.110':139
'62.#9.81.28':139
'62.##.243.200':139
'62.##.28.172':139
'62.##.231.145':139
'62.#9.141.5':139
'62.##.39.170':139
'62.##.127.143':139
'62.#9.37.98':139
'62.#9.16.78':139
'62.##.109.108':139
'62.#9.0.201':445
'62.##.230.118':445
'62.##.215.82':445
'62.##.105.66':445
'62.##.239.178':445
'62.##.65.132':445
'62.##.70.146':445
'62.##.132.145':445
'62.##.154.233':445
'62.##.50.193':445
'62.#9.132.6':445
'62.##.54.191':139
'62.#9.7.83':139
'62.##.119.180':139
'62.#9.65.61':139
'62.#9.92.74':139
'62.##.143.88':139
'62.##.152.12':445
'62.##.76.132':139
'62.##.183.13':139
'62.#9.17.62':139
'62.#9.46.92':445
'62.##.31.171':445
'62.##.191.35':445
'62.#9.8.120':445
'62.##.46.216':445
'62.#9.61.41':445
'62.##.208.13':445
'62.##.250.215':445
'62.#9.71.97':445
'62.##.83.127':445
'62.##.220.190':445
'62.#9.38.54':445
'62.##.171.202':445
'62.#9.230.8':445
'62.##.159.170':445
'62.##.215.159':445
'62.#9.37.1':445
'62.#9.0.139':445
'62.#9.12.61':445
'62.##.149.171':445
'62.##.81.190':445
'62.#9.230.8':139
'62.#9.38.54':139
'62.##.215.159':139
'62.##.70.146':139
'62.##.159.170':139
'62.#9.12.61':139
'62.#9.37.1':139
'62.##.81.190':139
'62.##.171.202':139
'62.##.149.171':139
'62.##.65.132':139
'62.##.239.178':139
'62.##.215.82':139
'62.##.105.66':139
'62.##.152.12':139
'62.#9.132.6':139
'62.##.50.193':139
'62.##.132.145':139
'62.##.154.233':139
'62.#9.0.201':139
'62.##.230.118':139
'62.##.107.50':139
'62.##.189.114':139
'62.#9.22.40':139
'62.##.208.13':139
'62.##.233.78':139
'62.##.151.248':139
'62.##.61.200':139
'62.##.95.174':139
'62.##.107.75':139
'62.#9.205.5':139
'62.#9.61.41':139
'62.##.46.216':139
'62.##.191.35':139
'62.#9.8.120':139
'62.#9.0.139':139
'62.##.220.190':139
'62.##.83.127':139
'62.##.250.215':139
'62.#9.71.97':139
'62.#9.46.92':139
'62.##.31.171':139
'62.##.233.78':445
'62.#9.30.54':445
'62.#9.4.224':445
'62.##.114.171':445
'62.#9.25.92':445
'62.##.117.249':445
'62.##.105.178':445
'62.##.112.105':445
'62.##.178.228':445
'62.#9.74.84':445
'62.#9.59.0':445
'62.##.120.195':445
'62.##.112.105':139
'62.##.35.195':139
'62.##.105.178':139
'62.#9.59.0':139
'62.##.178.228':139
'62.##.127.206':139
'62.#9.79.72':445
'62.##.191.228':139
'62.#9.65.82':139
'62.#9.3.45':139
'62.##.247.13':139
'62.##.141.160':139
'62.##.120.228':139
'62.#9.42.80':139
'62.#9.76.42':139
'62.##.193.23':139
'62.#9.2.107':139
'62.#9.108.2':139
'62.##.31.158':139
'62.#9.24.6':139
'62.#9.80.79':139
'62.##.191.228':445
'62.##.127.206':445
'62.#9.3.45':445
'62.##.35.195':445
'62.#9.65.82':445
'62.#9.74.73':139
'62.#9.79.32':139
'62.##.152.20':139
'62.#9.22.82':139
'62.##.230.183':139
'62.#9.17.62':445
'62.##.76.132':445
'62.##.183.13':445
'62.##.54.191':445
'62.#9.7.83':445
'62.#9.0.201':9988
'62.##.230.118':9988
'62.#9.132.6':9988
'62.##.143.88':445
'62.##.215.82':9988
'62.##.119.180':445
'62.##.107.75':445
'62.#9.205.5':445
'62.##.189.114':445
'62.#9.22.40':445
'62.##.107.50':445
'62.#9.65.61':445
'62.#9.92.74':445
'62.##.61.200':445
'62.##.95.174':445
'62.##.151.248':445
'62.##.120.195':139
'62.#9.25.92':139
'62.#9.79.72':139
'62.#9.22.40':9988
'62.##.183.13':9988
'62.#9.4.224':139
'62.#9.74.84':139
'62.#9.30.54':139
'62.##.117.249':139
'62.##.114.171':139
'62.#9.8.120':9988
'62.#9.230.8':9988
'62.##.171.202':9988
'62.##.215.159':9988
'62.##.154.233':9988
'62.##.50.193':9988
'62.#9.37.1':9988
'62.##.220.190':9988
'62.#9.12.61':9988
'62.##.149.171':9988
'62.##.81.190':9988

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней