Техническая информация
- %WINDIR%\KKl2.exe
- %WINDIR%\KKl3.exe
- %WINDIR%\KKl4.exe
- %WINDIR%\KKl5.exe
- %WINDIR%\KKl1.exe
- %WINDIR%\KKl3.exe (загружен из сети Интернет)
- %WINDIR%\KKl4.exe (загружен из сети Интернет)
- %WINDIR%\KKl1.exe (загружен из сети Интернет)
- %WINDIR%\KKl2.exe (загружен из сети Интернет)
- %WINDIR%\KKl5.exe (загружен из сети Интернет)
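Имена классов окон (судя по названиям, это окна средств анализа и мониторинга: DeDe, IDA, API Monitor, Regmon, Filemon; вероятно, их наличие проверяется для обнаружения анализа):
- ClassName: 'TDeDeMainForm' WindowName: ''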
- ClassName: 'TIdaWindow' WindowName: ''
- ClassName: 'APIMonitor By Rohitab' WindowName: ''
- ClassName: 'RegmonClass' WindowName: ''
- ClassName: 'FilemonClass' WindowName: ''
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\KKl3[1].jpg
- %WINDIR%\KKl2.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\KKl2[1].jpg
- %WINDIR%\KKl4.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\KKl4[1].jpg
- %WINDIR%\KKl3.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\KKl5[1].jpg
- %WINDIR%\chi.pps
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\chi[1].jpg
- %WINDIR%\KKl1.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\KKl1[1].jpg
- %WINDIR%\KKl5.exe
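Сетевые соединения (часть имени узла, по-видимому, намеренно скрыта символами «###», поэтому для точного сопоставления индикатор в таком виде непригоден):
- 'up###dway.com':80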
- 'localhost':1035
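Адреса загружаемых файлов (по-видимому, файлы запрашиваются с расширением .jpg, тогда как в %WINDIR% те же имена встречаются с расширениями .exe и .pps; такое несоответствие расширений может служить признаком для обнаружения):
- up###dway.com/files/1954/KKl2.jpg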
- up###dway.com/files/1957/KKl3.jpg
- up###dway.com/files/1958/KKl4.jpg
- up###dway.com/files/2010/chi.jpg
- up###dway.com/files/1820/KKl5.jpg
- up###dway.com/files/1953/KKl1.jpg
- DNS ASK up###dway.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: '<Имя вируса>'
- ClassName: 'SuckMe&Class' WindowName: ''