Техническая информация
- [<HKLM>\SYSTEM\ControlSet002\Services\prkkoq] 'start' = '00000002'
- [<HKLM>\SYSTEM\CONTROLSET003\Services\prkkoq\Parameters] 'ServiceDll' = '<SYSTEM32>\zznmnw.dll'
- [<HKLM>\SYSTEM\CONTROLSET003\Services\prkkoq] 'start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\prkkoq\Parameters] 'ServiceDll' = '<SYSTEM32>\zznmnw.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\prkkoq] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\prkkoq] 'ImagePath' = '<SYSTEM32>\svchost.exe -k prkkoq'
- [<HKLM>\SYSTEM\ControlSet001\Services\prkkoq\Parameters] 'ServiceDll' = '<SYSTEM32>\zznmnw.dll'
- '<SYSTEM32>\svchost.exe' -k prkkoq
- ClassName: 'OLLYDBG', WindowName: ''
- <SYSTEM32>\zznmnw.dll
- <SYSTEM32>\00054781.inf
- %TEMP%\80EB2F5C
- '<L####NET_GATEWAY>':80
- http://19#.168.0.1/20171130/044329/204859.jsp via <L####NET_GATEWAY>
- http://19#.168.0.1/20171130/044316/192218.jsp via <L####NET_GATEWAY>
- http://19#.168.0.1/20171130/044355/230734.jsp via <L####NET_GATEWAY>
- http://19#.168.0.1/20171130/044342/218031.jsp via <L####NET_GATEWAY>
- http://19#.168.0.1/20171130/044304/179390.jsp via <L####NET_GATEWAY>
- http://19#.168.0.1/20171130/044225/141000.jsp via <L####NET_GATEWAY>
- http://19#.168.0.1/20171130/044204/120187.jsp via <L####NET_GATEWAY>
- http://19#.168.0.1/20171130/044251/166609.jsp via <L####NET_GATEWAY>
- http://19#.168.0.1/20171130/044238/153859.jsp via <L####NET_GATEWAY>