Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'wminit' = '%CommonProgramFiles%\System\wminit.exe'
- %CommonProgramFiles%\System\wminit.exe "<Полный путь к вирусу>"
- %CommonProgramFiles%\System\wminit.exe
- %CommonProgramFiles%\System\wminit.dat
- '18#.#2.109.219':61320
- '18#.#2.109.219':61317
- '18#.#2.109.219':61318
- '18#.#2.109.219':61314
- '18#.#2.109.219':61312
- 'mc####15627.info':61310
- '18#.#2.109.219':61310
- '18#.#2.109.219':61315
- 'ph####74653.info':61310
- '18#.#2.109.219':61313
- 'in####26344.info':61310
- '18#.#2.109.219':61316
- '18#.#2.109.219':61311
- '18#.#2.109.219':61319
- DNS ASK mc####15627.info
- DNS ASK in####26344.info
- DNS ASK ph####74653.info