Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'RevCode-5704' = '%APPDATA%\RevCode-5704.exe'
- %ALLUSERSPROFILE%\Application Data\Revcode-9D6FB4AB\svchost.exe
- из <Полный путь к файлу> в %APPDATA%\RevCode-5704.exe
- 'ry#####22.93319601.to':80
- 'ry#####22.1e517001.to':80
- 'ry#####22.cf488101.to':80
- 'ry#####22.6a0fe901.to':80
- 'ry#####22.bb8c4e01.to':80
- 'ry#####22.81252b01.to':80
- 'ry#####22.49b56c01.to':80
- 'localhost':1041
- 'ry####x22.wm01.to':80
- 'ry#####22.efe87401.to':80
- 'ry#####22.53fb0701.to':80
- 'ry#####22.69385701.to':80
- http://ry#####22.93319601.to/recv3.php
- http://ry#####22.1e517001.to/recv3.php
- http://ry#####22.81252b01.to/recv3.php
- http://ry#####22.6a0fe901.to/recv3.php
- http://ry#####22.bb8c4e01.to/recv3.php
- http://ry#####22.69385701.to/recv3.php
- http://ry#####22.49b56c01.to/recv3.php
- http://ry#####22.53fb0701.to/recv3.php
- http://ry#####22.cf488101.to/recv3.php
- http://ry#####22.efe87401.to/recv3.php
- http://ry####x22.wm01.to/recv3.php
- DNS ASK ry#####22.93319601.to
- DNS ASK ry#####22.1e517001.to
- DNS ASK ry#####22.81252b01.to
- DNS ASK ry#####22.6a0fe901.to
- DNS ASK ry#####22.bb8c4e01.to
- DNS ASK ry#####22.cf488101.to
- DNS ASK ry#####22.49b56c01.to
- DNS ASK ry####x22.wm01.to
- DNS ASK ry#####22.69385701.to
- DNS ASK ry#####22.efe87401.to
- DNS ASK ry#####22.53fb0701.to
- '%ALLUSERSPROFILE%\Application Data\Revcode-9D6FB4AB\svchost.exe' 2900