Техническая информация
- Автозапуск при входе пользователя в систему — значение в ключе реестра: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SearchEye SE' = '<Полный путь к вирусу>'
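Файлы (имя приведено как в отчёте, с написанием «conifg»; пары путей повторяются — вероятно, они относились к разным файловым операциям, названия которых здесь не сохранились):
- %WINDIR%\Temp\SearchEye SE_conifg.ini
- <Текущая директория>\SearchEye SE_conifg.ini
- %WINDIR%\Temp\SearchEye SE_conifg.ini
- <Текущая директория>\SearchEye SE_conifg.ini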
Сетевая активность — узел с портом и запрашиваемые адреса (символы «#», по-видимому, заменяют скрытые в отчёте символы и не являются частью имени узла или параметра):
- 'up####.searcheye.co.kr':80
- up####.searcheye.co.kr/se/cont/sizeid.php?pi##
- up####.searcheye.co.kr/se/cont/dllid.php?pi##
- up####.searcheye.co.kr/se/config2.php?pi##
- up####.searcheye.co.kr/se/cont/guid.php?pi##
- up####.searcheye.co.kr/se/config.php
- up####.searcheye.co.kr/se/cont/proid.php?pi##
- up####.searcheye.co.kr/se/cont/regid.php?pi##
- DNS-запрос (DNS ASK): up####.searcheye.co.kr
- '<IP-адрес в локальной сети>':1036
Окна, указанные в отчёте (имя класса окна и заголовок; заголовок в обоих случаях пуст):
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Indicator' WindowName: ''