Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SonyAgent' = '<Полный путь к вирусу>'
- '<SYSTEM32>\taskhost.exe'
- '<SYSTEM32>\wermgr.exe' -queuereporting
- <Полный путь к вирусу>
- '31.##.247.31':80
- 'localhost':49200
- 'localhost':49203
- 'localhost':49206
- '10#.86.69.3':80
- '17#.#51.244.1':80
- '17#.#82.70.33':80
- 'localhost':49191
- 'localhost':49194
- 'localhost':49197
- '31.##.57.120':80
- '5.##8.42.45':80
- '31.#2.73.29':80
- '17#.#51.225.32':80
- '46.##0.107.53':80
- '15#.#24.80.44':80
- 'localhost':49215
- 'localhost':49209
- '15#.0.38.33':80
- '31.##.48.115':80
- '46.##.203.236':80
- 'localhost':49212
- '77.##2.24.11':80
- 'localhost':49167
- 'localhost':49170
- 'localhost':49173
- '94.##3.44.72':80
- '31.##.116.65':80
- '46.##9.208.107':80
- 'localhost':49158
- 'localhost':49161
- 'localhost':49164
- '94.#8.23.11':80
- 'localhost':49185
- '68.#9.87.0':80
- '17#.#50.155.32':80
- '17#.#51.115.1':80
- 'localhost':49188
- 'localhost':49182
- 'localhost':49176
- '24.##0.60.184':80
- '31.##.148.33':80
- '17#.#37.150.125':80
- 'localhost':49179
- 15#.#24.80.44/start.htm
- 46.##0.107.53/setup.htm
- 5.##8.42.45/start.htm
- 17#.#51.225.32/start.htm