Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'mipuvid' = 'Rundll32.exe "<SYSTEM32>\memezor.dll",r'
- <SYSTEM32>\rundll32.exe "<SYSTEM32>\memezor.dll",r <Полный путь к вирусу>
- <SYSTEM32>\kiwasug.dll
- <SYSTEM32>\memezor.dll
- 'my#####virusplus.org':80
- 'an####rplus2011.com':80
- my#####virusplus.org/callback/exe_in_db.php?ui################################################
- an####rplus2011.com/install/avp.dll?
- DNS ASK my#####virusplus.org
- DNS ASK an####rplus2011.com