Technical information
- Task Manager (Taskmgr)
- '%TEMP%\tmp3.exe' /stext "%TEMP%\tmp4.tmp"
- '%TEMP%\tmp1.exe' /stext "%TEMP%\tmp2.tmp"
- [<HKCU>\Software\Yahoo\Pager]
- [<HKCU>\Software\Microsoft\IdentityCRL]
- [<HKCU>\Software\Microsoft\Windows Live Mail]
- [<HKCU>\Software\Microsoft\MSNMessenger]
- [<HKCU>\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts]
- [<HKCU>\Identities\{5518F2FB-DB74-45A3-BEC1-4575D8D9DC84}\Software\Microsoft\Internet Account Manager\Accounts]
- [<HKCU>\Identities\{5518F2FB-DB74-45A3-BEC1-4575D8D9DC84}\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts]
- %TEMP%\tmp3.exe
- %TEMP%\tmp4.tmp
- %TEMP%\tmp2.tmp
- %TEMP%\82638e90-d745-6b6e-36a1-7b6d431b9b3e
- %TEMP%\tmp1.exe
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.exe
- %TEMP%\tmp2.tmp
- %TEMP%\tmp1.exe
- 'www.ba###nlog.club':80
- 'bo#.####ismyipaddress.com':80
- 'wp#d':80
- http://bo#.####ismyipaddress.com/
- http://11#.#11.111.1/wpad.dat via wp#d
- http://www.ba###nlog.club/v5/Panel/api.php
- DNS ASK www.ba###nlog.club
- DNS ASK bo#.####ismyipaddress.com
- DNS ASK wp#d