Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Trickler' = '"<Полный путь к вирусу>"'
- %TEMP%\trickler\GTJ3.tmp
- %TEMP%\trickler\GTJ3.tmp
- 'tr####e.gator.com':80
- 'gs.##tor.com':80
- 'localhost':1036
- tr####e.gator.com/download/trickler.inf
- gs.##tor.com/Cmd/client_log_event
- DNS ASK tr####e.gator.com
- DNS ASK gs.##tor.com
- ClassName: 'Trickler_WndClass' WindowName: '(null)'