Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Firewall' = 'C:\File Backup\Backup.exe'
- '<SYSTEM32>\taskhost.exe'
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- <SYSTEM32>\cmd.exe
- java.exe
- javaw.exe
- firefox.exe
- opera.exe
- iexplore.exe
- C:\File Backup\Backup.exe
- C:\File Backup\Backup.exe
- 'we#######musa.altervista.org':80
- we#######musa.altervista.org/password.html
- we#######musa.altervista.org/maintext.html
- DNS ASK we#######musa.altervista.org
- ClassName: 'OleMainThreadWndClass' WindowName: '(null)'
- ClassName: 'Shell_traywnd' WindowName: ''
- ClassName: 'Indicator' WindowName: '(null)'