Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'msdbe7c3ee6.exe' = '"%APPDATA%\Microsoft\msdbe7c3ee6.exe"'
- [<HKLM>\SOFTWARE\Classes\MapBui Document\shell\open\command] '' = '<Полный путь к вирусу> "%1"'
- <SYSTEM32>\cmd.exe
- %APPDATA%\ms5521274.bat
- %APPDATA%\Microsoft\msdbe7c3ee6.exe
- %APPDATA%\ms5521274.bat
- '16#.#44.77.164':8080
- '19#.#54.231.79':8080
- '74.##7.247.144':8080
- '10#.#19.55.50':8080
- '10#.#87.103.213':8080
- '12#.#99.214.100':8080
- '20#.#50.6.60':8080
- '16#.#44.80.214':8080
- '72.##.150.60':8080
- '10#.#86.17.24':8080
- '46.##4.107.142':8080
- '20#.#59.128.19':8080
- '18#.#6.55.88':8080
- '69.##7.152.111':8080
- '19#.#3.78.98':8080
- ClassName: 'Indicator' WindowName: ''