Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Trickler' = '"<Полный путь к вирусу>"'
- %TEMP%\fsg_tmp\GTJ00023280.tmp
- %TEMP%\fsg_tmp\GTJ00023280.tmp
- 'rs.##tor.com':80
- 'tr####e.gator.com':80
- 'ts.##tor.com':80
- 'localhost':1034
- 'gi.##tor.com':80
- tr####e.gator.com/download/trickler3.inf?23####################################################
- rs.##tor.com/rs.dll?tr##
- ts.##tor.com/Cmd/client_log_event
- gi.##tor.com/machine.asp
- DNS ASK rs.##tor.com
- DNS ASK tr####e.gator.com
- DNS ASK gi.##tor.com
- DNS ASK ts.##tor.com
- ClassName: 'Trickler_WndClass' WindowName: ''