Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'wminit' = '%CommonProgramFiles%\System\wminit.exe'
- %CommonProgramFiles%\System\wminit.exe "<Полный путь к вирусу>"
- %CommonProgramFiles%\System\wminit.exe
- %CommonProgramFiles%\System\wminit.dat
- '64.#6.64.13':53109
- 't1###18191.org':53100
- '64.#6.64.13':53110
- 't1###18191.info':53100
- 't1###18191.net':53100
- 't1###18190.org':53100
- '64.#6.64.13':53108
- 't1###18190.com':53100
- '64.#6.64.13':53105
- '64.#6.64.13':53107
- '64.#6.64.13':53101
- '64.#6.64.13':53106
- '64.#6.64.13':53103
- '64.#6.64.13':53104
- '64.#6.64.13':53102
- 't1###18190.net':53100
- 't1###18191.com':53100
- DNS ASK t1###18190.com
- DNS ASK t1###18191.net
- DNS ASK t1###18190.org
- DNS ASK t1###18191.org
- DNS ASK t1###18190.net
- DNS ASK t1###18191.com
- DNS ASK t1###18191.info