Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\widuxngq] 'Start' = '00000001'
- NtTerminateProcess, драйвер-обработчик: widuxngq.sys
- NtOpenKey, драйвер-обработчик: widuxngq.sys
- NtCreateKey, драйвер-обработчик: widuxngq.sys
- %WINDIR%\widuxngq.sys
- 'ma##.##uster-club.info':25
- '20#.#6.232.182':25
- 'pr###uning.org':80
- '20#.#2.169.15':80
- 'ma##.aol.com':25
- '74.##5.232.51':80
- '20#.#2.169.54':80
- '67.##5.160.76':25
- '74.##5.232.51':25
- 20#.#2.169.54/nnn3?i=#
- 20#.#2.169.54/nnn2?i=#
- 20#.#2.169.54/nnn1?i=#
- pr###uning.org/login.php
- 20#.#2.169.54/login.php
- 20#.#2.169.15/login.php
- DNS ASK cl####r-club.info
- DNS ASK ma##.#icrosoft.com
- DNS ASK microsoft.com
- DNS ASK pr###uning.name
- DNS ASK pr###uning.org
- DNS ASK ma##.##uster-club.info
- DNS ASK ya##o.com
- DNS ASK ma##.google.com
- DNS ASK google.com
- DNS ASK ma##.aol.com
- DNS ASK ao#.com
- DNS ASK ma##.yahoo.com