Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002'
- ClassName: 'OLLYDBG', WindowName: ''
- %TEMP%\BIT4.tmp
- %TEMP%\BIT5.tmp
- %TEMP%\BIT6.tmp
- %TEMP%\BIT1.tmp
- %TEMP%\BIT2.tmp
- %TEMP%\BIT3.tmp
- %TEMP%\1504763780
- %TEMP%\1504763789
- %TEMP%\1504763799
- %TEMP%\1504763710
- %TEMP%\1504763741
- %TEMP%\1504763751
- %TEMP%\BIT4.tmp в %TEMP%\1504763780
- %TEMP%\BIT5.tmp в %TEMP%\1504763789
- %TEMP%\BIT6.tmp в %TEMP%\1504763799
- %TEMP%\BIT1.tmp в %TEMP%\1504763710
- %TEMP%\BIT2.tmp в %TEMP%\1504763741
- %TEMP%\BIT3.tmp в %TEMP%\1504763751
- 'ne####ringsite.com':80
- 'localhost':1042
- 'localhost':1047
- 'localhost':1049
- 'localhost':1048
- 'localhost':1038
- 'wp#d':80
- 'th####sharing.com':80
- 'ne###arings.com':80
- 'localhost':1040
- http://ne###arings.com/gettasks2.php?pr################################################################
- http://ne####ringsite.com/gettasks2.php?pr################################################################
- http://11#.#11.111.1/wpad.dat via wp#d
- http://th####sharing.com/gettasks2.php?pr################################################################
- DNS ASK ne###arings.com
- DNS ASK ne####ringsite.com
- DNS ASK wp#d
- DNS ASK th####sharing.com