Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'prablinha' = '%HOMEPATH%\prablinha.exe'
- %HOMEPATH%\svchos.exe
- %HOMEPATH%\prablinha.exe
- '<IP-адрес в локальной сети>':14892
- 'www.ge###tes.com':80
- 'localhost':80
- www.ge###tes.com/iplocator.htm
- localhost/prablinha//asociaZombie.php?eq###########################################################################################
- DNS ASK www.ge###tes.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''